Caddy update for Fedora 42

Fedora Linux 8959 Published by

New Caddy packages have been made available for Fedora Linux 42 to resolve several CVEs.

[SECURITY] Fedora 42 Update: caddy-2.10.0-1.fc42




[SECURITY] Fedora 42 Update: caddy-2.10.0-1.fc42


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-4518c12e2f
2025-04-29 01:11:54.267489+00:00
--------------------------------------------------------------------------------

Name : caddy
Product : Fedora 42
Version : 2.10.0
Release : 1.fc42
URL : https://caddyserver.com
Summary : Web server with automatic HTTPS
Description :
Caddy is an extensible server platform that uses TLS by default.

--------------------------------------------------------------------------------
Update Information:

Update to version 2.10.0. Aside from the new upstream features, this update also
refreshes many bundled dependencies, fixing a few CVEs.
https://github.com/caddyserver/caddy/releases/tag/v2.10.0
--------------------------------------------------------------------------------
ChangeLog:

* Sat Apr 19 2025 Carl George [carlwgeorge@fedoraproject.org] - 2.10.0-1
- Update to version 2.10.0 rhbz#2350493
- Resolves CVE-2025-22872
- Resolves CVE-2024-45339
- Resolves CVE-2025-22869
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2350493 - caddy-2.10.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2350493
[ 2 ] Bug #2360622 - CVE-2025-22872 caddy: Incorrect Neutralization of Input During Web Page Generation in x/net in golang.org/x/net [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2360622
[ 3 ] Bug #2361093 - CVE-2024-45339 caddy: Vulnerability when creating log files in github.com/golang/glog [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2361093
[ 4 ] Bug #2361094 - CVE-2025-22869 caddy: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2361094
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-4518c12e2f' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--


visionOS 2.5 Beta 5, tvOS 18.5 Beta 5, watchOS 11.5 Beta 5, macOS 15.5 Beta 5, iOS 18.5 Beta 5 released

GlibC, Submariner, PHP updates for RHEL

Windows

Linux

macOS

Community

  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...
  • Philipp
    I would try the XanMod kernel: https://xanmod.orgĀ  I ...