Alerts This Week
Warning Icon 1 535
Alerts This Week
Warning Icon 1 535

Stay Secure with the Latest Linux Advisories

Fedora Large Esm H800
Fedora

Fedora 43 hplip Major Update Addressing Possible Arbitrary Code Execution

Calendar White Jun 02, 2026
Important
Oracle Large Esm H900
Oracle

Oracle Linux 8 Important Kernel Security Advisory ELSA-2026-21706

Calendar White Jun 02, 2026
Important
Oracle Large Esm H900
Oracle

Oracle Linux 8 httpd Important Denial of Service Vuln ELSA-2026-22140

Calendar White Jun 02, 2026
Important
Oracle Large Esm H800
Oracle

Oracle Linux 8 ELSA-2026-22315 compat-openssl10 Moderate DoS Fix

Calendar White Jun 02, 2026
moderate
Oracle Large Esm H900
Oracle

Oracle Linux 8 gnutls Important Buffer Overflow Auth Bypass ELSA-2026-20611

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 LTS nginx Security Advisory for Critical DoS Vulnerabilities

Calendar White Jun 03, 2026
Critical
Ubuntu Large Esm H800
Ubuntu

Ubuntu 20.04 LTS MySQL Important Security Issues USN-8363-2

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 LTS GStreamer Base Significant DoS Attack Vulnerability Alert

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 26.04 LTS python-pip Moderate DoS Regression Fix USN-8344-3

Calendar White Jun 03, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 2 articles for you...
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedoraimportant

Fedora 41: Crucial Rootless Enhancement for xwayland-satellite Update

Update niri to version 25.08 and xwayland-satellite to version 0.7. Notably, niri now supports xwayland out-of-the-box without manual configuration, and reading keyboard layout from org.freedesktop.locale1. Release notes: https://github.com/niri-wm/niri/releases/tag/v25.08. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-2bcbe8b09c 2025-09-13 02:42:15.995376+00:00 -------------------------------------------------------------------------------- Name : xwayland-satellite Product : Fedora 41 Version : 0.7 Release : 1.fc41 URL : https://github.com/Supreeeme/xwayland-satellite Summary : Rootless Xwayland integration for Wayland compositors Description : xwayland-satellite grants rootless Xwayland integration to any Wayland compositor implementing xdg_wm_base and viewporter. This is particularly useful for compositors that (understandably) do not want to go through implementing support for rootless Xwayland themselves. -------------------------------------------------------------------------------- Update Information: Update niri to version 25.08 and xwayland-satellite to version 0.7. Notably, niri now supports xwayland out-of-the-box without manual configuration, and reading keyboard layout from org.freedesktop.locale1. Release notes: https://github.com/niri-wm/niri/releases/tag/v25.08 https://github.com/Supreeeme/xwayland-satellite/releases/tag/v0.7 -------------------------------------------------------------------------------- ChangeLog: * Thu Sep 4 2025 Fabio Valentini - 0.7-1 - Update to version 0.7; Fixes RHBZ#2389095 * Fri Jul 25 2025 Fedora Release Engineering - 0.6-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2392002 - CVE-2025-58160 niri: Tracing log pollution [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2392002 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-2bcbe8b09c' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue . The latest xwayland-satellite update in Fedora 41 brings enhancements for keyboard configurations and seamless rootless functionality.. Fedora 41,xwayland-satellite,rootless integration,niri update. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Sep 13, 2025 Critical Fedora
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedoraimportant

Fedora 41: uv Important Tracing Log Pollution Fix FEDORA-2025-c71f0af9b2

Security fix for CVE-2025-58160: rebuilt uv and python-uv-build with rust- tracing-subscriber 0.3.20. Initial package for rust-secret-service in Fedora 43 (previously a retired package).. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-c71f0af9b2 2025-09-13 02:42:15.995323+00:00 -------------------------------------------------------------------------------- Name : uv Product : Fedora 41 Version : 0.8.11 Release : 2.fc41 URL : https://github.com/astral-sh/uv Summary : An extremely fast Python package installer and resolver, written in Rust Description : An extremely fast Python package installer and resolver, written in Rust. Designed as a drop-in replacement for common pip and pip-tools workflows. Highlights: \u2022 \u2696\ufe0f Drop-in replacement for common pip, pip-tools, and virtualenv commands. \u2022 \u26a1\ufe0f 10-100x faster than pip and pip-tools (pip-compile and pip-sync). \u2022 \U0001f4be Disk-space efficient, with a global cache for dependency deduplication. \u2022 \U0001f40d Installable via curl, pip, pipx, etc. uv is a static binary that can be installed without Rust or Python. \u2022 \U0001f9ea Tested at-scale against the top 10,000 PyPI packages. \u2022 \U0001f5a5\ufe0f Support for macOS, Linux, and Windows. \u2022 \U0001f9f0 Advanced features such as dependency version overrides and alternative resolution strategies. \u2022 \u2049\ufe0f Best-in-class error messages with a conflict-tracking resolver. \u2022 \U0001f91d Support for a wide range of advanced pip features, including editable installs, Git dependencies, direct URL dependencies, local dependencies, constraints, source distributions, HTML and JSON indexes, and more. -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2025-58160: rebuilt uv and python-uv-build with rust- tracing-subscriber 0.3.20. Initial package forrust-secret-service in Fedora 43 (previously a retired package). -------------------------------------------------------------------------------- ChangeLog: * Tue Sep 2 2025 Benjamin A. Beasley - 0.8.11-2 - Rebuilt with rust-tracing-subscriber-0.3.20 - Fixes CVE-2025-58160: fixes RHBZ#2392055, fixes RHBZ#2392012, fixes RHBZ#2391975 * Sat Aug 16 2025 Benjamin A. Beasley - 0.8.11-1 - Update to 0.8.11 (close RHBZ#2388413) * Sat Aug 16 2025 Benjamin A. Beasley - 0.8.10-1 - Update to 0.8.10 * Fri Aug 15 2025 Python Maint - 0.8.9-2 - Rebuilt for Python 3.14.0rc2 bytecode * Wed Aug 13 2025 Benjamin A. Beasley - 0.8.9-1 - Update to 0.8.9 (close RHBZ#2387762) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2389401 - Review Request: rust-secret-service - Library to interface with Secret Service API https://bugzilla.redhat.com/show_bug.cgi?id=2389401 [ 2 ] Bug #2392012 - CVE-2025-58160 uv: Tracing log pollution [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2392012 [ 3 ] Bug #2392998 - rust-secret-service-5.1.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2392998 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-c71f0af9b2' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- . Update for Fedora 41 uv package resolving data logging contamination problem stemming from CVE-2025-58160.. Fedora 41, Python Package Manager, Security Fix. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Sep 13, 2025 Important Fedora
Banner 1 1028x280 1708121660 1771599717
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedoraimportant

Fedora 43: ruff Update for CVE-2025-58160 Important Tracing Log Pollution

Rebuild with tracing-subscriber v0.3.20 for CVE-2025-58160.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-91981ea84d 2025-09-12 19:20:52.462083+00:00 -------------------------------------------------------------------------------- Name : ruff Product : Fedora 43 Version : 0.11.5 Release : 7.fc43 URL : https://github.com/astral-sh/ruff Summary : Extremely fast Python linter and code formatter Description : An extremely fast Python linter and code formatter, written in Rust. Ruff aims to be orders of magnitude faster than alternative tools while integrating more functionality behind a single, common interface. Ruff can be used to replace Flake8 (plus dozens of plugins), Black, isort, pydocstyle, pyupgrade, autoflake, and more, all while executing tens or hundreds of times faster than any individual tool. -------------------------------------------------------------------------------- Update Information: Rebuild with tracing-subscriber v0.3.20 for CVE-2025-58160. -------------------------------------------------------------------------------- ChangeLog: * Tue Sep 2 2025 Fabio Valentini - 0.11.5-7 - Rebuild with tracing-subscriber v0.3.20 for CVE-2025-58160 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2391973 - CVE-2025-58160 ruff: Tracing log pollution [epel-10] https://bugzilla.redhat.com/show_bug.cgi?id=2391973 [ 2 ] Bug #2392006 - CVE-2025-58160 ruff: Tracing log pollution [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2392006 [ 3 ] Bug #2392045 - CVE-2025-58160 ruff: Tracing log pollution [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2392045 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-91981ea84d' at thecommand line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue . The recent Fedora 43 ruff patch for CVE-2025-58160 effectively resolves concerns regarding log contamination associated with this Python linter.. Fedora 43,Ruff,Python Linter,CVE-2025-58160,Update Advisory. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Sep 12, 2025 Important Fedora
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedoracritical

Fedora 43: Rustup Critical Tracing Log Pollution CVE-2025-58160

Rebuild with tracing-subscriber v0.3.20 for CVE-2025-58160.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-597afa65a9 2025-09-12 19:20:52.461961+00:00 -------------------------------------------------------------------------------- Name : rustup Product : Fedora 43 Version : 1.28.2 Release : 6.fc43 URL : https://github.com/rust-lang/rustup Summary : Manage multiple rust installations with ease Description : Manage multiple rust installations with ease. -------------------------------------------------------------------------------- Update Information: Rebuild with tracing-subscriber v0.3.20 for CVE-2025-58160. -------------------------------------------------------------------------------- ChangeLog: * Tue Sep 2 2025 Fabio Valentini - 1.28.2-6 - Rebuild with tracing-subscriber v0.3.20 for CVE-2025-58160 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2392009 - CVE-2025-58160 rustup: Tracing log pollution [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2392009 [ 2 ] Bug #2392049 - CVE-2025-58160 rustup: Tracing log pollution [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2392049 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-597afa65a9' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue . Mitigate excessive tracing log overflow during Rustup updates in Fedora 43. Implement current security fixes to bolster system integrity.. Rustup Security, Fedora Update, Tracing Log Pollution, Critical Advisory. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Sep 12, 2025 Critical Fedora
Banner 1 1028x280 1708121660 1771599717
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedoracritical

Fedora 43 bustle Critical Tracing Log Pollution Fix CVE-2025-58160

Rebuild with tracing-subscriber v0.3.20 for CVE-2025-58160.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-4b143118b8 2025-09-12 19:20:52.461944+00:00 -------------------------------------------------------------------------------- Name : bustle Product : Fedora 43 Version : 0.12.0 Release : 3.fc43 URL : Summary : Visualize D-Bus activity Description : Bustle draws sequence diagrams of D-Bus activity, showing signal emissions, method calls and their corresponding returns, with timestamps for each individual event and the duration of each method call. This can help you check for unwanted D-Bus traffic, and pinpoint why your D-Bus-based application isn't performing as well as you like. It also provides statistics like signal frequencies and average method call times. -------------------------------------------------------------------------------- Update Information: Rebuild with tracing-subscriber v0.3.20 for CVE-2025-58160. -------------------------------------------------------------------------------- ChangeLog: * Tue Sep 2 2025 Fabio Valentini - 0.12.0-3 - Rebuild with tracing-subscriber v0.3.20 for CVE-2025-58160 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2391985 - CVE-2025-58160 bustle: Tracing log pollution [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2391985 [ 2 ] Bug #2392019 - CVE-2025-58160 bustle: Tracing log pollution [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2392019 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-4b143118b8' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages aresigned with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue . Revamp of bustle for Fedora 43 targets the mitigation of log pollution, prioritizing the resolution of CVE-2025-58160 identified as a severe vulnerability.. Fedora 43 bustle CVE-2025-58160 D-Bus activity update. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Sep 12, 2025 Critical Fedora
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedoraimportant

Fedora 41: ruff Important Tracing Log Pollution Vuln 2025-5ba89a2c48

Rebuild with tracing-subscriber v0.3.20 for CVE-2025-58160.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-5ba89a2c48 2025-09-12 02:30:53.358177+00:00 -------------------------------------------------------------------------------- Name : ruff Product : Fedora 41 Version : 0.11.5 Release : 7.fc41 URL : https://github.com/astral-sh/ruff Summary : Extremely fast Python linter and code formatter Description : An extremely fast Python linter and code formatter, written in Rust. Ruff aims to be orders of magnitude faster than alternative tools while integrating more functionality behind a single, common interface. Ruff can be used to replace Flake8 (plus dozens of plugins), Black, isort, pydocstyle, pyupgrade, autoflake, and more, all while executing tens or hundreds of times faster than any individual tool. -------------------------------------------------------------------------------- Update Information: Rebuild with tracing-subscriber v0.3.20 for CVE-2025-58160. -------------------------------------------------------------------------------- ChangeLog: * Tue Sep 2 2025 Fabio Valentini - 0.11.5-7 - Rebuild with tracing-subscriber v0.3.20 for CVE-2025-58160 * Fri Aug 15 2025 Python Maint - 0.11.5-6 - Rebuilt for Python 3.14.0rc2 bytecode -------------------------------------------------------------------------------- References: [ 1 ] Bug #2391973 - CVE-2025-58160 ruff: Tracing log pollution [epel-10] https://bugzilla.redhat.com/show_bug.cgi?id=2391973 [ 2 ] Bug #2392006 - CVE-2025-58160 ruff: Tracing log pollution [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2392006 [ 3 ] Bug #2392045 - CVE-2025-58160 ruff: Tracing log pollution [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2392045 -------------------------------------------------------------------------------- This update can be installed with the"dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-5ba89a2c48' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue . Essential patch for Fedora 41 targeting tracing log contamination in ruff-driven utilities, causing notable repercussions.. Fedora 41, ruff security, Python linter update, tracing pollutions. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Sep 12, 2025 Important Fedora
Banner 1 1028x280 1708121660 1771599717
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedoracritical

Fedora 42: Ruff Critical Update CVE-2025-58160 Tracing Log Pollution

Rebuild with tracing-subscriber v0.3.20 for CVE-2025-58160.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-a8501d6717 2025-09-12 02:06:02.138626+00:00 -------------------------------------------------------------------------------- Name : ruff Product : Fedora 42 Version : 0.11.5 Release : 7.fc42 URL : https://github.com/astral-sh/ruff Summary : Extremely fast Python linter and code formatter Description : An extremely fast Python linter and code formatter, written in Rust. Ruff aims to be orders of magnitude faster than alternative tools while integrating more functionality behind a single, common interface. Ruff can be used to replace Flake8 (plus dozens of plugins), Black, isort, pydocstyle, pyupgrade, autoflake, and more, all while executing tens or hundreds of times faster than any individual tool. -------------------------------------------------------------------------------- Update Information: Rebuild with tracing-subscriber v0.3.20 for CVE-2025-58160. -------------------------------------------------------------------------------- ChangeLog: * Tue Sep 2 2025 Fabio Valentini - 0.11.5-7 - Rebuild with tracing-subscriber v0.3.20 for CVE-2025-58160 * Fri Aug 15 2025 Python Maint - 0.11.5-6 - Rebuilt for Python 3.14.0rc2 bytecode -------------------------------------------------------------------------------- References: [ 1 ] Bug #2391973 - CVE-2025-58160 ruff: Tracing log pollution [epel-10] https://bugzilla.redhat.com/show_bug.cgi?id=2391973 [ 2 ] Bug #2392006 - CVE-2025-58160 ruff: Tracing log pollution [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2392006 [ 3 ] Bug #2392045 - CVE-2025-58160 ruff: Tracing log pollution [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2392045 -------------------------------------------------------------------------------- This update can be installed with the"dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-a8501d6717' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue . Ruff receives a significant enhancement in Fedora 42 addressing tracing log contamination for CVE-2025-58161. Keep your systems safe!. Ruff Update,Fedora Security,Critical Fix,Python Linter. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Sep 12, 2025 Critical Fedora
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorysecurity issuefedora

Fedora 42: Important Tracing Log Update for CVE-2025-58160 Security Fix

Security fix for CVE-2025-58160: rebuilt uv and python-uv-build with rust- tracing-subscriber 0.3.20. Initial package for rust-secret-service in Fedora 43 (previously a retired package).. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-d757bc292e 2025-09-12 02:06:02.138559+00:00 -------------------------------------------------------------------------------- Name : uv Product : Fedora 42 Version : 0.8.11 Release : 2.fc42 URL : https://github.com/astral-sh/uv Summary : An extremely fast Python package installer and resolver, written in Rust Description : An extremely fast Python package installer and resolver, written in Rust. Designed as a drop-in replacement for common pip and pip-tools workflows. Highlights: \u2022 \u2696\ufe0f Drop-in replacement for common pip, pip-tools, and virtualenv commands. \u2022 \u26a1\ufe0f 10-100x faster than pip and pip-tools (pip-compile and pip-sync). \u2022 \U0001f4be Disk-space efficient, with a global cache for dependency deduplication. \u2022 \U0001f40d Installable via curl, pip, pipx, etc. uv is a static binary that can be installed without Rust or Python. \u2022 \U0001f9ea Tested at-scale against the top 10,000 PyPI packages. \u2022 \U0001f5a5\ufe0f Support for macOS, Linux, and Windows. \u2022 \U0001f9f0 Advanced features such as dependency version overrides and alternative resolution strategies. \u2022 \u2049\ufe0f Best-in-class error messages with a conflict-tracking resolver. \u2022 \U0001f91d Support for a wide range of advanced pip features, including editable installs, Git dependencies, direct URL dependencies, local dependencies, constraints, source distributions, HTML and JSON indexes, and more. -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2025-58160: rebuilt uv and python-uv-build with rust- tracing-subscriber 0.3.20. Initial package forrust-secret-service in Fedora 43 (previously a retired package). -------------------------------------------------------------------------------- ChangeLog: * Tue Sep 2 2025 Benjamin A. Beasley - 0.8.11-2 - Rebuilt with rust-tracing-subscriber-0.3.20 - Fixes CVE-2025-58160: fixes RHBZ#2392055, fixes RHBZ#2392012, fixes RHBZ#2391975 * Sat Aug 16 2025 Benjamin A. Beasley - 0.8.11-1 - Update to 0.8.11 (close RHBZ#2388413) * Sat Aug 16 2025 Benjamin A. Beasley - 0.8.10-1 - Update to 0.8.10 * Fri Aug 15 2025 Python Maint - 0.8.9-2 - Rebuilt for Python 3.14.0rc2 bytecode * Wed Aug 13 2025 Benjamin A. Beasley - 0.8.9-1 - Update to 0.8.9 (close RHBZ#2387762) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2389401 - Review Request: rust-secret-service - Library to interface with Secret Service API https://bugzilla.redhat.com/show_bug.cgi?id=2389401 [ 2 ] Bug #2392055 - CVE-2025-58160 uv: Tracing log pollution [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2392055 [ 3 ] Bug #2392364 - F42FailsToInstall: rust-secret-service+rt-async-io-crypto-openssl-devel, rust-secret-service+rt-async-io-crypto-rust-devel, rust-secret-service+rt-tokio-crypto-openssl-devel, rust-secret-service+rt-tokio-crypto-rust-devel, rust-secret-service-devel https://bugzilla.redhat.com/show_bug.cgi?id=2392364 [ 4 ] Bug #2392998 - rust-secret-service-5.1.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2392998 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-d757bc292e' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/keys -------------------------------------------------------------------------------- . Fedora 42 introduces a security patch addressing CVE-2025-58160, enhancing system safety via improved tracing logging capabilities.. Fedora security updates, uv package installer, rust security fix. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Sep 12, 2025 Important Fedora
Banner 1 1028x280 1708121660 1771599717
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here