--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-a77c1f005b
2025-11-03 01:05:58.219415+00:00
--------------------------------------------------------------------------------

Name        : rust-reqsign-core
Product     : Fedora 42
Version     : 2.0.0
Release     : 1.fc42
URL         : https://crates.io/crates/reqsign-core
Summary     : Signing API requests without effort
Description :
Signing API requests without effort.

--------------------------------------------------------------------------------
Update Information:

uv 0.9.5
https://github.com/astral-sh/uv/blob/0.9.5/CHANGELOG.md
Since uv was built with astral-tokio-tar 0.5.6, this is a security fix for
CVE-2025-62518.

ruff 0.14.2
https://github.com/astral-sh/ruff/blob/0.14.2/CHANGELOG.md

rust-astral-tokio-tar 0.5.6
Fixed a parser desynchronization vulnerability when reading tar archives that
contain mismatched size information in PAX/ustar headers. This vulnerability is
being tracked as GHSA-j5gw-2vrg-8fgx and CVE-2025-62518.

Initial package for python-uv-build in Fedora 42
Initial packages for a number of new dependencies for ruff and uv
Update rust-tikv-jemallocator and rust-tikv-jemalloc-sys to 0.6.1
Update openapi-python-client to 0.26.2 and patch it to allow ruff 0.14
--------------------------------------------------------------------------------
ChangeLog:

* Thu Oct 23 2025 Benjamin A. Beasley - 2.0.0-1
- Update to version 2.0.0; Fixes RHBZ#2402441
* Tue Sep 30 2025 Benjamin A. Beasley - 1.0.0-1
- Initial package (close RHBZ#2400096)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2360699 - ruff-0.14.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2360699
  [ 2 ] Bug #2402441 - rust-reqsign-core-2.0.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2402441
  [ 3 ] Bug #2402442 - rust-reqsign-command-execute-tokio-2.0.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2402442
  [ 4 ] Bug #2402443 - rust-reqsign-http-send-reqwest-2.0.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2402443
  [ 5 ] Bug #2402881 - python-uv-build-0.9.5 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2402881
  [ 6 ] Bug #2402923 - uv-0.9.5 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2402923
  [ 7 ] Bug #2405474 - CVE-2025-62518 rust-astral-tokio-tar: astral-tokio-tar Vulnerable to PAX Header Desynchronization [fedora-42]
        https://bugzilla.redhat.com/show_bug.cgi?id=2405474
  [ 8 ] Bug #2405476 - CVE-2025-62518 uv: astral-tokio-tar Vulnerable to PAX Header Desynchronization [fedora-42]
        https://bugzilla.redhat.com/show_bug.cgi?id=2405476
  [ 9 ] Bug #2406135 - ruff-0.14.2 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2406135
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-a77c1f005b' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
_______________________________________________
package-announce mailing list

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-a77c1f005b
2025-11-03 01:05:58.219415+00:00
--------------------------------------------------------------------------------

Name        : rust-tikv-jemalloc-sys
Product     : Fedora 42
Version     : 0.6.1
Release     : 1.fc42
URL         : https://crates.io/crates/tikv-jemalloc-sys
Summary     : Rust FFI bindings to jemalloc
Description :
Rust FFI bindings to jemalloc.

--------------------------------------------------------------------------------
ChangeLog:

* Thu Oct 16 2025 Benjamin A. Beasley - 0.6.1-1
- Update to version 0.6.1
* Fri Jul 25 2025 Fedora Release Engineering - 0.6.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-a77c1f005b
2025-11-03 01:05:58.219415+00:00
--------------------------------------------------------------------------------

Name        : rust-reqsign-http-send-reqwest
Product     : Fedora 42
Version     : 2.0.0
Release     : 1.fc42
URL         : https://crates.io/crates/reqsign-http-send-reqwest
Summary     : Reqwest-based HTTP client implementation for reqsign
Description :
Reqwest-based HTTP client implementation for reqsign.

--------------------------------------------------------------------------------
ChangeLog:

* Thu Oct 23 2025 Benjamin A. Beasley - 2.0.0-1
- Update to version 2.0.0; Fixes RHBZ#2402443
* Thu Oct  2 2025 Benjamin A. Beasley - 1.0.0-1
- Initial package (close RHBZ#2400100)
--------------------------------------------------------------------------------

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-a77c1f005b
2025-11-03 01:05:58.219415+00:00
--------------------------------------------------------------------------------

Name        : rust-proc-macro-utils
Product     : Fedora 42
Version     : 0.10.0
Release     : 1.fc42
URL         : https://crates.io/crates/proc-macro-utils
Summary     : Low-level utilities on proc-macro and proc-macro2 types
Description :
Low-level utilities on proc-macro and proc-macro2 types.

--------------------------------------------------------------------------------
ChangeLog:

* Mon Sep 29 2025 Benjamin A. Beasley - 0.10.0-1
- Initial package (close RHBZ#2398050)
--------------------------------------------------------------------------------

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-a77c1f005b
2025-11-03 01:05:58.219415+00:00
--------------------------------------------------------------------------------

Name        : rust-reqsign
Product     : Fedora 42
Version     : 0.18.0
Release     : 1.fc42
URL         : https://crates.io/crates/reqsign
Summary     : Signing HTTP requests for popular cloud services
Description :
Signing HTTP requests for AWS, Azure, Google, Huawei, Aliyun, Tencent and
Oracle services.

--------------------------------------------------------------------------------
ChangeLog:

* Thu Oct 23 2025 Benjamin A. Beasley - 0.18.0-1
- Update to version 0.18.0
* Wed Oct 22 2025 Benjamin A. Beasley - 0.17.0-1
- Initial package (close RHBZ#2400218)
--------------------------------------------------------------------------------

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-a77c1f005b
2025-11-03 01:05:58.219415+00:00
--------------------------------------------------------------------------------

Name        : rust-reqsign-aws-v4
Product     : Fedora 42
Version     : 2.0.0
Release     : 1.fc42
URL         : https://crates.io/crates/reqsign-aws-v4
Summary     : AWS SigV4 signing implementation for reqsign
Description :
AWS SigV4 signing implementation for reqsign.

--------------------------------------------------------------------------------
ChangeLog:

* Thu Oct 23 2025 Benjamin A. Beasley - 2.0.0-1
- Update to version 2.0.0
* Sat Oct 11 2025 Benjamin A. Beasley - 1.0.0-1
- Initial package (close RHBZ#2400195)
--------------------------------------------------------------------------------

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-a77c1f005b
2025-11-03 01:05:58.219415+00:00
--------------------------------------------------------------------------------

Name        : rust-quote-use-macros
Product     : Fedora 42
Version     : 0.8.4
Release     : 1.fc42
URL         : https://crates.io/crates/quote-use-macros
Summary     : Support use in procmacros hygienically
Description :
Support `use` in procmacros hygienically.

--------------------------------------------------------------------------------
ChangeLog:

* Thu Oct  2 2025 Benjamin A. Beasley - 0.8.4-1
- Initial package (close RHBZ#2398054)
--------------------------------------------------------------------------------

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-a77c1f005b
2025-11-03 01:05:58.219415+00:00
--------------------------------------------------------------------------------

Name        : python-uv-build
Product     : Fedora 42
Version     : 0.9.5
Release     : 1.fc42
URL         : https://pypi.org/project/uv-build
Summary     : The uv build backend
Description :
This package is a slimmed down version of uv containing only the build backend.

--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct 24 2025 Benjamin A. Beasley - 0.9.5-1
- Update to 0.9.5 (close RHBZ#2402881)
* Fri Oct 24 2025 Benjamin A. Beasley - 0.9.4-1
- Update to 0.9.4
* Thu Oct 23 2025 Benjamin A. Beasley - 0.9.3-1
- Update to 0.9.3
* Thu Oct 23 2025 Benjamin A. Beasley - 0.9.2-1
- Update to 0.9.2
* Thu Oct 23 2025 Benjamin A. Beasley - 0.9.1-1
- Update to 0.9.1
* Thu Oct 23 2025 Benjamin A. Beasley - 0.9.0-1
- Update to 0.9.0
* Wed Oct 22 2025 Benjamin A. Beasley - 0.8.24-1
- Update to 0.8.24
* Wed Oct 22 2025 Benjamin A. Beasley - 0.8.23-1
- Update to 0.8.23
* Wed Oct 22 2025 Benjamin A. Beasley - 0.8.22-1
- Update to 0.8.22
* Wed Oct 22 2025 Benjamin A. Beasley - 0.8.21-1
- Update to 0.8.21
* Mon Sep 29 2025 Benjamin A. Beasley - 0.8.20-1
- Update to 0.8.20 (close RHBZ#2389312)
* Mon Sep 29 2025 Benjamin A. Beasley - 0.8.19-1
- Update to 0.8.19
* Mon Sep 29 2025 Benjamin A. Beasley - 0.8.18-1
- Update to 0.8.18
* Sun Sep 28 2025 Benjamin A. Beasley - 0.8.17-1
- Update to 0.8.17
* Sun Sep 28 2025 Benjamin A. Beasley - 0.8.16-1
- Update to 0.8.16
* Sun Sep 28 2025 Benjamin A. Beasley - 0.8.15-1
- Update to 0.8.15
* Sun Sep 28 2025 Benjamin A. Beasley - 0.8.14-1
- Update to 0.8.14
* Sun Sep 28 2025 Benjamin A. Beasley - 0.8.13-1
- Update to 0.8.13
* Sun Sep 28 2025 Benjamin A. Beasley - 0.8.12-1
- Update to 0.8.12
* Sun Sep 28 2025 Benjamin A. Beasley - 0.8.11-4
- Use the bundled reqwest-middleware, too
* Fri Sep 19 2025 Python Maint - 0.8.11-3
- Rebuilt for Python 3.14.0rc3 bytecode
* Tue Sep  2 2025 Benjamin A. Beasley - 0.8.11-2
- Rebuilt with rust-tracing-subscriber-0.3.20
- Fixes CVE-2025-58160: fixes RHBZ#2392055, fixes RHBZ#2392012, fixes RHBZ#2391975
* Sat Aug 16 2025 Benjamin A. Beasley - 0.8.11-1
- Update to 0.8.11 (close RHBZ#2388438)
* Sat Aug 16 2025 Benjamin A. Beasley - 0.8.10-1
- Update to 0.8.10
* Fri Aug 15 2025 Python Maint - 0.8.9-2
- Rebuilt for Python 3.14.0rc2 bytecode
* Wed Aug 13 2025 Benjamin A. Beasley - 0.8.9-1
- Update to 0.8.9 (close RHBZ#2387765)
* Sat Aug  9 2025 Benjamin A. Beasley - 0.8.8-1
- Update to 0.8.8 (close RHBZ#2387092)
* Sat Aug  9 2025 Benjamin A. Beasley - 0.8.7-1
- Update to 0.8.7
* Sat Aug  9 2025 Benjamin A. Beasley - 0.8.6-1
- Update to 0.8.6
* Wed Aug  6 2025 Benjamin A. Beasley - 0.8.5-1
- Update to 0.8.5 (close RHBZ#2386645)
* Thu Jul 31 2025 Benjamin A. Beasley - 0.8.4-1
- Update to 0.8.4 (close RHBZ#2381737)
* Thu Jul 31 2025 Benjamin A. Beasley - 0.8.3-1
- Update to 0.8.3
* Tue Jul 29 2025 Benjamin A. Beasley - 0.8.2-1
- Update to 0.8.2
* Tue Jul 29 2025 Benjamin A. Beasley - 0.8.1-1
- Update to 0.8.1
* Tue Jul 29 2025 Benjamin A. Beasley - 0.8.0-1
- Update to 0.8.0
* Fri Jul 25 2025 Fedora Release Engineering - 0.7.22-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Sat Jul 19 2025 Benjamin A. Beasley - 0.7.22-1
- Update to 0.7.22
* Tue Jul 15 2025 Benjamin A. Beasley - 0.7.21-1
- Update to 0.7.21 (close RHBZ#2379123)
* Thu Jul 10 2025 Benjamin A. Beasley - 0.7.20-1
- Update to 0.7.20 (close RHBZ#2379145)
* Tue Jul  8 2025 Benjamin A. Beasley - 0.7.19-1
- Update to 0.7.19 (close RHBZ#2375432)
* Tue Jul  8 2025 Benjamin A. Beasley - 0.7.18-1
- Update to 0.7.18
* Tue Jul  8 2025 Benjamin A. Beasley - 0.7.17-1
- Update to 0.7.17
* Sat Jun 28 2025 Benjamin A. Beasley - 0.7.16-1
- Update to 0.7.16 (close RHBZ#2374368)
* Sat Jun 28 2025 Benjamin A. Beasley - 0.7.15-1
- Update to 0.7.15
* Thu Jun 26 2025 Benjamin A. Beasley - 0.7.14-1
- Update to 0.7.14
* Thu Jun 26 2025 Benjamin A. Beasley - 0.7.13-2
- Correctly patch out foreign deps. in bundled crates
* Fri Jun 13 2025 Benjamin A. Beasley - 0.7.13-1
- Update to 0.7.13 (close RHBZ#2372600)
* Mon Jun  9 2025 Benjamin A. Beasley - 0.7.12-1
- Update to 0.7.12 (close RHBZ#2370052)
* Mon Jun  9 2025 Benjamin A. Beasley - 0.7.11-1
- Update to 0.7.11
* Mon Jun  9 2025 Benjamin A. Beasley - 0.7.10-1
- Update to 0.7.10
* Tue Jun  3 2025 Python Maint - 0.7.9-2
- Rebuilt for Python 3.14
* Sat May 31 2025 Benjamin A. Beasley - 0.7.9-1
- Update to 0.7.9 (close RHBZ#2369520)
* Sun May 25 2025 Benjamin A. Beasley - 0.7.8-1
- Update to 0.7.8 (close RHBZ#2368082)
* Tue May 20 2025 Benjamin A. Beasley - 0.7.6-1
- Update to 0.7.6 (close RHBZ#2367412)
* Sat May 17 2025 Benjamin A. Beasley - 0.7.5-1
- Update to 0.7.5 (close RHBZ#2362369)
* Sat May 17 2025 Benjamin A. Beasley - 0.7.4-1
- Update to 0.7.4
* Fri May 16 2025 Benjamin A. Beasley - 0.7.3-1
- Update to 0.7.3
* Fri May  9 2025 Benjamin A. Beasley - 0.7.2-1
- Update to 0.7.2
* Fri May  9 2025 Benjamin A. Beasley - 0.7.1-1
- Update to 0.7.1
* Fri May  9 2025 Benjamin A. Beasley - 0.7.0-1
- Update to 0.7.0
* Fri May  9 2025 Benjamin A. Beasley - 0.6.17-2
- F41+: Use the provisional pyproject declarative buildsystem
* Mon May  5 2025 Benjamin A. Beasley - 0.6.17-1
- Update to 0.6.17
* Fri Apr 25 2025 Benjamin A. Beasley - 0.6.16-3
- Fix a typo in the LICENSE expression (missing AND)
* Fri Apr 25 2025 Benjamin A. Beasley - 0.6.16-2
- Update ron to 0.10
* Tue Apr 22 2025 Benjamin A. Beasley - 0.6.16-1
- Update to 0.6.16 (close RHBZ#2361554)
- Update the License expression, primarily due to rust-idna 1.x
* Sat Apr 12 2025 Benjamin A. Beasley - 0.6.14-2
- Patch bundled pubgrub/version-ranges fork for ron 0.9.0 final
* Thu Apr 10 2025 Benjamin A. Beasley - 0.6.14-1
- Update to 0.6.14 (close RHBZ#2358749)
* Tue Apr  8 2025 Benjamin A. Beasley - 0.6.13-1
- Update to 0.6.13 (close RHBZ#2358054)
* Sat Apr  5 2025 Benjamin A. Beasley - 0.6.12-2
- Let LICENSE.dependencies be installed in the .dist-info
* Fri Apr  4 2025 Benjamin A. Beasley - 0.6.12-1
- Initial package (close RHBZ#2357473)
--------------------------------------------------------------------------------