Stay Secure with the Latest Linux Advisories

security advisoryfedorasystem hardening

Fedora 43: Foomuuri D-Bus Fixes & System Hardening Advisories

Upstream update to v0.31 with fixes to CVE-2025-67603 and CVE-2025-67858. CVE-2025-67603: Add PolicyKit authorization to D-Bus methods. CVE-2025-67858: Verify interface input parameter on D-Bus methods. Security hardening: Add ProtectSystem=full to all systemd service files. This changes /etc. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-429edf2dcf 2026-01-09 17:20:33.079067+00:00 -------------------------------------------------------------------------------- Name : foomuuri Product : Fedora 43 Version : 0.31 Release : 1.fc43 URL : https://github.com/FoobarOy/foomuuri Summary : Multizone bidirectional nftables firewall Description : Foomuuri is a firewall generator for nftables based on the concept of zones. It is suitable for all systems from personal machines to corporate firewalls, and supports advanced features such as a rich rule language, IPv4/IPv6 rule splitting, dynamic DNS lookups, a D-Bus API and FirewallD emulation for NetworkManager's zone support. -------------------------------------------------------------------------------- Update Information: Upstream update to v0.31 with fixes to CVE-2025-67603 and CVE-2025-67858. CVE-2025-67603: Add PolicyKit authorization to D-Bus methods. CVE-2025-67858: Verify interface input parameter on D-Bus methods. Security hardening: Add ProtectSystem=full to all systemd service files. This changes /etc to read-only for all Foomuuri processes. Make sure you don't write any state files there in your startup hook or Foomuuri Monitor event hook. Change umask to 022 when using --fork to fork as a background daemon process. More strict IP address verify for iplist entries. -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 7 2026 Kim B. Heino - 0.31-1 - Upgrade to 0.31 - CVE-2025-67603: Add PolicyKit authorization to D-Bus methods - CVE-2025-67858: Verifyinterface input parameter on D-Bus methods -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-429edf2dcf' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue . Foomuuri multizone firewall for Fedora 43 receives critical updates addressing security vulnerabilities for improved stability.. Fedora 43 updates, Foomuuri firewall, security enhancements, PolicyKit D-Bus fixes. . Severity: Important. LinuxSecurity.com Team

Jan 09, 2026 •Important Fedora