Fedora 41 Update: chromium-142.0.7444.59-1.fc41
Fedora 41 Update: mbedtls-2.28.10-2.fc41
Fedora 41 Update: mupen64plus-2.6.0-8.fc41
Fedora 41 Update: python-starlette-0.42.0-3.fc41
Fedora 41 Update: xen-4.19.3-7.fc41
Fedora 42 Update: chromium-142.0.7444.59-1.fc42
Fedora 42 Update: apptainer-1.4.4-1.fc42
Fedora 42 Update: mupen64plus-2.6.0-8.fc42
Fedora 42 Update: mingw-poppler-24.08.0-7.fc42
Fedora 42 Update: GeographicLib-2.5.2-1.fc42
Fedora 42 Update: fcitx5-skk-5.1.8-1.fc42
Fedora 42 Update: fcitx5-unikey-5.1.8-1.fc42
Fedora 42 Update: python-starlette-0.47.3-2.fc42
Fedora 42 Update: fcitx5-rime-5.1.12-1.fc42
Fedora 42 Update: libime-1.1.12-1.fc42
Fedora 42 Update: fcitx5-zhuyin-5.1.5-1.fc42
Fedora 42 Update: fcitx5-kkc-5.1.8-1.fc42
Fedora 42 Update: fcitx5-chewing-5.1.9-1.fc42
Fedora 42 Update: fcitx5-table-extra-5.1.9-1.fc42
Fedora 42 Update: fcitx5-sayura-5.1.5-1.fc42
Fedora 42 Update: fcitx5-qt-5.1.11-1.fc42
Fedora 42 Update: fcitx5-m17n-5.1.5-1.fc42
Fedora 42 Update: fcitx5-libthai-5.1.7-1.fc42
Fedora 42 Update: fcitx5-hangul-5.1.8-1.fc42
Fedora 42 Update: fcitx5-configtool-5.1.11-1.fc42
Fedora 42 Update: fcitx5-chinese-addons-5.1.10-1.fc42
Fedora 42 Update: fcitx5-5.1.16-1.fc42
Fedora 42 Update: fcitx5-anthy-5.1.8-1.fc42
Fedora 43 Update: webkitgtk-2.50.1-1.fc43
Fedora 43 Update: buildah-1.42.0-4.fc43
Fedora 43 Update: mupen64plus-2.6.0-8.fc43
Fedora 43 Update: apptainer-1.4.4-1.fc43
Fedora 43 Update: mingw-poppler-25.07.0-2.fc43
Fedora 43 Update: GeographicLib-2.5.2-1.fc43
[SECURITY] Fedora 41 Update: chromium-142.0.7444.59-1.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-916064e307
2025-11-07 02:35:35.301825+00:00
--------------------------------------------------------------------------------
Name : chromium
Product : Fedora 41
Version : 142.0.7444.59
Release : 1.fc41
URL : http://www.chromium.org/Home
Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).
--------------------------------------------------------------------------------
Update Information:
Update to 142.0.7444.59
* High CVE-2025-12428: Type Confusion in V8
* High CVE-2025-12429: Inappropriate implementation in V8
* High CVE-2025-12430: Object lifecycle issue in Media
* High CVE-2025-12431: Inappropriate implementation in Extensions
* High CVE-2025-12432: Race in V8
* High CVE-2025-12433: Inappropriate implementation in V8
* High CVE-2025-12036: Inappropriate implementation in V8
* Medium CVE-2025-12434: Race in Storage
* Medium CVE-2025-12435: Incorrect security UI in Omnibox
* Medium CVE-2025-12436: Policy bypass in Extensions
* Medium CVE-2025-12437: Use after free in PageInfo
* Medium CVE-2025-12438: Use after free in Ozone
* Medium CVE-2025-12439: Inappropriate implementation in App-Bound
Encryption
* Low CVE-2025-12440: Inappropriate implementation in Autofill
* Medium CVE-2025-12441: Out of bounds read in V8
* Medium CVE-2025-12443: Out of bounds read in WebXR
* Low CVE-2025-12444: Incorrect security UI in Fullscreen UI
* Low CVE-2025-12445: Policy bypass in Extensions
* Low CVE-2025-12446: Incorrect security UI in SplitView
* Low CVE-2025-12447: Incorrect security UI in Omnibox
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 30 2025 Than Ngo [than@redhat.com] - 142.0.7444.59-1
- Update to 142.0.7444.59
* Refreshed ppc64le patches
* Refreshed system-brotli patch
* Refreshed clang++-unknown-argument patch
* Refreshed split-threshold-for-reg-with-hint patch
* Fixed some FTBFS caused by missing header files
* Fixed FTBFS caused by old rust compiler
* Fixed FTBFS caused by new glibc-2.42 in Rawhide
* Fixed FTBFS caused by old python-3.9.x in EL8/9
* Dropped obsoleted chromium-141-el9-ffmpeg-5.x-duration.patch for old ffmpeg on EL9
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-916064e307' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 41 Update: mbedtls-2.28.10-2.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-fe7ea8bbdd
2025-11-07 02:35:35.301823+00:00
--------------------------------------------------------------------------------
Name : mbedtls
Product : Fedora 41
Version : 2.28.10
Release : 2.fc41
URL : https://www.trustedfirmware.org/projects/mbed-tls
Summary : Light-weight cryptographic and SSL/TLS library
Description :
Mbed TLS is a light-weight open source cryptographic and SSL/TLS
library written in C. Mbed TLS makes it easy for developers to include
cryptographic and SSL/TLS capabilities in their (embedded)
applications with as little hassle as possible.
--------------------------------------------------------------------------------
Update Information:
Backport CVE fixes from 3.6
--------------------------------------------------------------------------------
ChangeLog:
* Sat Nov 1 2025 Jeremy Newton [mystro256@fedoraproject.org] - 2.28.10-2
- Backport CVE fixes from 3.6
* Sat Nov 1 2025 Jeremy Newton [mystro256@fedoraproject.org] - 2.28.10-1
- Update to 2.28.10
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2405368 - CVE-2025-59438 mbedtls: MbedTLS Padding oracle through timing of cipher error reporting [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2405368
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-fe7ea8bbdd' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 41 Update: mupen64plus-2.6.0-8.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-2406078e57
2025-11-07 02:35:35.301818+00:00
--------------------------------------------------------------------------------
Name : mupen64plus
Product : Fedora 41
Version : 2.6.0
Release : 8.fc41
URL : http://www.mupen64plus.org/
Summary : Nintendo 64 Emulator
Description :
Mupen64plus is a Nintendo 64 Emulator.
This package includes all the plug-ins.
--------------------------------------------------------------------------------
Update Information:
Patch CVE-2025-29366 and CVE-2025-29366
There should be no change in behaviour.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 29 2025 David Auer [dreua@posteo.de] - 2.6.0-8
- Patch CVE-2025-29366 and CVE-2025-29366
* Thu Jul 24 2025 Fedora Release Engineering [releng@fedoraproject.org] - 2.6.0-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Fri Jan 17 2025 David Auer [dreua@posteo.de] - 2.6.0-4
- Fix build on rawhide (42)
* Wed Jan 8 2025 David Auer [dreua@posteo.de] - 2.6.0-3
- Add patch for the plugin search path
* Fri Dec 20 2024 David Auer [dreua@posteo.de] - 2.6.0-2
- Disable debug build
- Enable pic build
- Add optional build requirment speexdsp
- Lib symlink is now relative
* Sun Nov 24 2024 David Auer [dreua@posteo.de] - 2.6.0-1
- Updated to 2.6.0
* Mon Sep 2 2024 Miroslav Such?? [msuchy@redhat.com] - 2.5-24
- convert license to SPDX
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2392349 - CVE-2025-9688 mupen64plus: Mupen64Plus is_viewer.c write_is_viewer integer overflow [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2392349
[ 2 ] Bug #2393063 - CVE-2025-29366 mupen64plus: array overflow in the write_rdram_regs and write_rdram_regs functions [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2393063
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-2406078e57' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
[SECURITY] Fedora 41 Update: python-starlette-0.42.0-3.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-10d2e6260b
2025-11-07 02:35:35.301766+00:00
--------------------------------------------------------------------------------
Name : python-starlette
Product : Fedora 41
Version : 0.42.0
Release : 3.fc41
URL : https://www.starlette.io/
Summary : The little ASGI library that shines
Description :
Starlette is a lightweight ASGI framework/toolkit, which is ideal for building
async web services in Python.
It is production-ready, and gives you the following:
??? A lightweight, low-complexity HTTP web framework.
??? WebSocket support.
??? In-process background tasks.
??? Startup and shutdown events.
??? Test client built on requests.
??? CORS, GZip, Static Files, Streaming responses.
??? Session and Cookie support.
??? 100% test coverage.
??? 100% type annotated codebase.
??? Few hard dependencies.
??? Compatible with asyncio and trio backends.
??? Great overall performance against independent benchmarks.
--------------------------------------------------------------------------------
Update Information:
Backport security fix for CVE-2025-62727, GHSA-7f5h-v6xp-fcq8
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 29 2025 Benjamin A. Beasley [code@musicinmybrain.net] - 0.42.0-3
- Backport security fix for CVE-2025-62727, GHSA-7f5h-v6xp-fcq8
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-10d2e6260b' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
[SECURITY] Fedora 41 Update: xen-4.19.3-7.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-48dc1c8c79
2025-11-07 02:35:35.301730+00:00
--------------------------------------------------------------------------------
Name : xen
Product : Fedora 41
Version : 4.19.3
Release : 7.fc41
URL : http://xen.org/
Summary : Xen is a virtual machine monitor
Description :
This package contains the XenD daemon and xm command line
tools, needed to manage virtual machines running under the
Xen hypervisor
--------------------------------------------------------------------------------
Update Information:
Incorrect removal of permissions on PCI device unplug [XSA-476,
CVE-2025-58149]
x86: Incorrect input sanitisation in Viridian hypercalls [XSA-475,
CVE-2025-58147, CVE-2025-58148]
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 24 2025 Michael Young [m.a.young@durham.ac.uk] - 4.19.3-7
- Incorrect removal of permissions on PCI device unplug [XSA-476,
CVE-2025-58149]
* Tue Oct 21 2025 Michael Young [m.a.young@durham.ac.uk] - 4.19.3-5
- x86: Incorrect input sanitisation in Viridian hypercalls [XSA-475,
CVE-2025-58147, CVE-2025-58148]
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-48dc1c8c79' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: chromium-142.0.7444.59-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-7c0b3fa81f
2025-11-07 01:27:09.764884+00:00
--------------------------------------------------------------------------------
Name : chromium
Product : Fedora 42
Version : 142.0.7444.59
Release : 1.fc42
URL : http://www.chromium.org/Home
Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).
--------------------------------------------------------------------------------
Update Information:
Update to 142.0.7444.59
* High CVE-2025-12428: Type Confusion in V8
* High CVE-2025-12429: Inappropriate implementation in V8
* High CVE-2025-12430: Object lifecycle issue in Media
* High CVE-2025-12431: Inappropriate implementation in Extensions
* High CVE-2025-12432: Race in V8
* High CVE-2025-12433: Inappropriate implementation in V8
* High CVE-2025-12036: Inappropriate implementation in V8
* Medium CVE-2025-12434: Race in Storage
* Medium CVE-2025-12435: Incorrect security UI in Omnibox
* Medium CVE-2025-12436: Policy bypass in Extensions
* Medium CVE-2025-12437: Use after free in PageInfo
* Medium CVE-2025-12438: Use after free in Ozone
* Medium CVE-2025-12439: Inappropriate implementation in App-Bound
Encryption
* Low CVE-2025-12440: Inappropriate implementation in Autofill
* Medium CVE-2025-12441: Out of bounds read in V8
* Medium CVE-2025-12443: Out of bounds read in WebXR
* Low CVE-2025-12444: Incorrect security UI in Fullscreen UI
* Low CVE-2025-12445: Policy bypass in Extensions
* Low CVE-2025-12446: Incorrect security UI in SplitView
* Low CVE-2025-12447: Incorrect security UI in Omnibox
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 30 2025 Than Ngo [than@redhat.com] - 142.0.7444.59-1
- Update to 142.0.7444.59
* Refreshed ppc64le patches
* Refreshed system-brotli patch
* Refreshed clang++-unknown-argument patch
* Refreshed split-threshold-for-reg-with-hint patch
* Fixed some FTBFS caused by missing header files
* Fixed FTBFS caused by old rust compiler
* Fixed FTBFS caused by new glibc-2.42 in Rawhide
* Fixed FTBFS caused by old python-3.9.x in EL8/9
* Dropped obsoleted chromium-141-el9-ffmpeg-5.x-duration.patch for old ffmpeg on EL9
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-7c0b3fa81f' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: apptainer-1.4.4-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-ee38edca98
2025-11-07 01:27:09.764870+00:00
--------------------------------------------------------------------------------
Name : apptainer
Product : Fedora 42
Version : 1.4.4
Release : 1.fc42
URL : https://apptainer.org
Summary : Application and environment virtualization formerly known as Singularity
Description :
Apptainer provides functionality to make portable
containers that can be used across host environments.
--------------------------------------------------------------------------------
Update Information:
Update to upstream 1.4.4.
This was built with golang-1.24.9 so it addresses CVE-2025-61723,
CVE-2025-61725, CVE-2025-58183, CVE-2025-58185, CVE-2025-58188, and
CVE-2025-58189.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 29 2025 Dave Dykstra [dwd@cern.ch] - 1.4.4-1
- Update to upstream 1.4.4
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2407844 - CVE-2025-58189 apptainer: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2407844
[ 2 ] Bug #2408628 - CVE-2025-61725 apptainer: Excessive CPU consumption in ParseAddress in net/mail [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2408628
[ 3 ] Bug #2409311 - CVE-2025-61723 apptainer: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2409311
[ 4 ] Bug #2410263 - CVE-2025-58185 apptainer: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2410263
[ 5 ] Bug #2411175 - CVE-2025-58188 apptainer: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2411175
[ 6 ] Bug #2412744 - CVE-2025-58183 apptainer: Unbounded allocation when parsing GNU sparse map [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2412744
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-ee38edca98' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: mupen64plus-2.6.0-8.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-7a40e176ed
2025-11-07 01:27:09.764867+00:00
--------------------------------------------------------------------------------
Name : mupen64plus
Product : Fedora 42
Version : 2.6.0
Release : 8.fc42
URL : http://www.mupen64plus.org/
Summary : Nintendo 64 Emulator
Description :
Mupen64plus is a Nintendo 64 Emulator.
This package includes all the plug-ins.
--------------------------------------------------------------------------------
Update Information:
Patch CVE-2025-29366 and CVE-2025-29366
There should be no change in behaviour.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 29 2025 David Auer [dreua@posteo.de] - 2.6.0-8
- Patch CVE-2025-29366 and CVE-2025-29366
* Thu Jul 24 2025 Fedora Release Engineering [releng@fedoraproject.org] - 2.6.0-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2392350 - CVE-2025-9688 mupen64plus: Mupen64Plus is_viewer.c write_is_viewer integer overflow [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2392350
[ 2 ] Bug #2393064 - CVE-2025-29366 mupen64plus: array overflow in the write_rdram_regs and write_rdram_regs functions [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2393064
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-7a40e176ed' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: mingw-poppler-24.08.0-7.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-591ef9306a
2025-11-07 01:27:09.764783+00:00
--------------------------------------------------------------------------------
Name : mingw-poppler
Product : Fedora 42
Version : 24.08.0
Release : 7.fc42
URL : http://poppler.freedesktop.org/
Summary : MinGW Windows Poppler library
Description :
MinGW Windows Poppler library.
--------------------------------------------------------------------------------
Update Information:
Backport fix for CVE-2025.52885.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 29 2025 Sandro Mani [manisandro@gmail.com] - 24.08.0-7
- Backport patch for CVE-2025-52885
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2403485 - CVE-2025-52885 mingw-poppler: Use-After-Free in StructTreeRoot class [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2403485
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-591ef9306a' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: GeographicLib-2.5.2-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-65e3f233bf
2025-11-07 01:27:09.764780+00:00
--------------------------------------------------------------------------------
Name : GeographicLib
Product : Fedora 42
Version : 2.5.2
Release : 1.fc42
URL : https://github.com/geographiclib/geographiclib
Summary : Library for geographic coordinate transformations
Description :
GeographicLib is a small set of C++ classes for performing conversions
between geographic, UTM, UPS, MGRS, geocentric, and local Cartesian
coordinates, for gravity (e.g., EGM2008), geoid height and geomagnetic
field (e.g., WMM2010) calculations, and for solving geodesic problems.
The emphasis is on returning accurate results with errors close to round-off
(about 5???15 nanometers). New accurate algorithms for Geodesics on an
ellipsoid of revolution and Transverse Mercator projection have been
developed for this library. The functionality of the library can be accessed
from user code, from the Utility programs provided, or via the
Implementations in other languages.
--------------------------------------------------------------------------------
Update Information:
Update to GeographicLib-2.5.2, fixes CVE-2025-60751.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 29 2025 Sandro Mani [manisandro@gmail.com] - 2.5.2-1
- Update to 2.5.2
* Wed Jul 23 2025 Fedora Release Engineering [releng@fedoraproject.org] - 2.5-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Sun Jul 20 2025 Sandro Mani [manisandro@gmail.com] - 2.5-5
- Fix bad requires
* Sat Jul 19 2025 Python Maint - 2.5-4
- Rebuilt for Python 3.14
* Fri Jul 18 2025 Sandro Mani [manisandro@gmail.com] - 2.5-3
- Drop python subpackages, they now live in python-geographiclib
* Mon Jun 2 2025 Python Maint - 2.5-2
- Rebuilt for Python 3.14
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2405440 - CVE-2025-60751 GeographicLib: GeographicLib buffer overflow [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2405440
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-65e3f233bf' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
[SECURITY] Fedora 42 Update: fcitx5-skk-5.1.8-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-d11261d473
2025-11-07 01:27:09.764769+00:00
--------------------------------------------------------------------------------
Name : fcitx5-skk
Product : Fedora 42
Version : 5.1.8
Release : 1.fc42
URL : https://github.com/fcitx/fcitx5-skk
Summary : Japanese SKK (Simple Kana Kanji) Engine for Fcitx5
Description :
Fcitx5-skk is an SKK (Simple Kana Kanji) engine for Fcitx. It provides
Japanese input method using libskk.
--------------------------------------------------------------------------------
Update Information:
fcitx5-5.1.16 update
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 26 2025 Qiyu Yan [yanqiyu@fedoraproject.org] - 5.1.8-1
- update to upstream release 5.1.8
* Wed Jul 23 2025 Fedora Release Engineering [releng@fedoraproject.org] - 5.1.7-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-d11261d473' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: fcitx5-unikey-5.1.8-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-d11261d473
2025-11-07 01:27:09.764769+00:00
--------------------------------------------------------------------------------
Name : fcitx5-unikey
Product : Fedora 42
Version : 5.1.8
Release : 1.fc42
URL : https://github.com/fcitx/fcitx5-unikey
Summary : Unikey support for Fcitx5
Description :
Unikey (Vietnamese Input Method) engine support for Fcitx5.
--------------------------------------------------------------------------------
Update Information:
fcitx5-5.1.16 update
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 26 2025 Qiyu Yan [yanqiyu@fedoraproject.org] - 5.1.8-1
- update to upstream release 5.1.8
* Wed Jul 23 2025 Fedora Release Engineering [releng@fedoraproject.org] - 5.1.7-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-d11261d473' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: python-starlette-0.47.3-2.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-4520cf6bac
2025-11-07 01:27:09.764772+00:00
--------------------------------------------------------------------------------
Name : python-starlette
Product : Fedora 42
Version : 0.47.3
Release : 2.fc42
URL : https://www.starlette.io/
Summary : The little ASGI library that shines
Description :
Starlette is a lightweight ASGI framework/toolkit, which is ideal for building
async web services in Python.
It is production-ready, and gives you the following:
??? A lightweight, low-complexity HTTP web framework.
??? WebSocket support.
??? In-process background tasks.
??? Startup and shutdown events.
??? Test client built on requests.
??? CORS, GZip, Static Files, Streaming responses.
??? Session and Cookie support.
??? 100% test coverage.
??? 100% type annotated codebase.
??? Few hard dependencies.
??? Compatible with asyncio and trio backends.
??? Great overall performance against independent benchmarks.
--------------------------------------------------------------------------------
Update Information:
Backport security fix for CVE-2025-62727, GHSA-7f5h-v6xp-fcq8
--------------------------------------------------------------------------------
ChangeLog:
* Tue Oct 28 2025 Benjamin A. Beasley [code@musicinmybrain.net] - 0.47.3-2
- Backport security fix for CVE-2025-62727, GHSA-7f5h-v6xp-fcq8
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-4520cf6bac' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
[SECURITY] Fedora 42 Update: fcitx5-rime-5.1.12-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-d11261d473
2025-11-07 01:27:09.764769+00:00
--------------------------------------------------------------------------------
Name : fcitx5-rime
Product : Fedora 42
Version : 5.1.12
Release : 1.fc42
URL : https://github.com/fcitx/fcitx5-rime
Summary : RIME support for Fcitx
Description :
RIME(????????????????????????) is mainly a Traditional Chinese
input method engine.
--------------------------------------------------------------------------------
Update Information:
fcitx5-5.1.16 update
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 26 2025 Qiyu Yan [yanqiyu@fedoraproject.org] - 5.1.12-1
- update to upstream release 5.1.12
* Wed Jul 23 2025 Fedora Release Engineering [releng@fedoraproject.org] - 5.1.11-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-d11261d473' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
[SECURITY] Fedora 42 Update: libime-1.1.12-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-d11261d473
2025-11-07 01:27:09.764769+00:00
--------------------------------------------------------------------------------
Name : libime
Product : Fedora 42
Version : 1.1.12
Release : 1.fc42
URL : https://github.com/fcitx/libime
Summary : This is a library to support generic input method implementation
Description :
This is a library to support generic input method implementation.
--------------------------------------------------------------------------------
Update Information:
fcitx5-5.1.16 update
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 26 2025 Qiyu Yan [yanqiyu@fedoraproject.org] - 1.1.12-1
- update to upstream release 1.1.12
* Thu Jul 24 2025 Fedora Release Engineering [releng@fedoraproject.org] - 1.1.11-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-d11261d473' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: fcitx5-zhuyin-5.1.5-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-d11261d473
2025-11-07 01:27:09.764769+00:00
--------------------------------------------------------------------------------
Name : fcitx5-zhuyin
Product : Fedora 42
Version : 5.1.5
Release : 1.fc42
URL : https://github.com/fcitx/fcitx5-zhuyin
Summary : Libzhuyin Wrapper for Fcitx
Description :
Libzhuyin Wrapper for Fcitx.
--------------------------------------------------------------------------------
Update Information:
fcitx5-5.1.16 update
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 26 2025 Qiyu Yan [yanqiyu@fedoraproject.org] - 5.1.5-1
- update to upstream release 5.1.5
* Wed Jul 23 2025 Fedora Release Engineering [releng@fedoraproject.org] - 5.1.4-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-d11261d473' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: fcitx5-kkc-5.1.8-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-d11261d473
2025-11-07 01:27:09.764769+00:00
--------------------------------------------------------------------------------
Name : fcitx5-kkc
Product : Fedora 42
Version : 5.1.8
Release : 1.fc42
URL : https://github.com/fcitx/fcitx5-kkc
Summary : Libkkc input method support for Fcitx5
Description :
This provides libkkc input method support for fcitx5. Released under GPL3+.
--------------------------------------------------------------------------------
Update Information:
fcitx5-5.1.16 update
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 26 2025 Qiyu Yan [yanqiyu@fedoraproject.org] - 5.1.8-1
- update to upstream release 5.1.8
* Wed Jul 23 2025 Fedora Release Engineering [releng@fedoraproject.org] - 5.1.7-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-d11261d473' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: fcitx5-chewing-5.1.9-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-d11261d473
2025-11-07 01:27:09.764769+00:00
--------------------------------------------------------------------------------
Name : fcitx5-chewing
Product : Fedora 42
Version : 5.1.9
Release : 1.fc42
URL : https://github.com/fcitx/fcitx5-chewing
Summary : Chewing Wrapper for Fcitx
Description :
fcitx5-chewing is a Chewing Wrapper for Fcitx.
Chewing is a set of free intelligent Chinese
Phonetic IME.
--------------------------------------------------------------------------------
Update Information:
fcitx5-5.1.16 update
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 26 2025 Qiyu Yan [yanqiyu@fedoraproject.org] - 5.1.9-1
- update to upstream release 5.1.9
* Wed Jul 23 2025 Fedora Release Engineering [releng@fedoraproject.org] - 5.1.8-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-d11261d473' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: fcitx5-table-extra-5.1.9-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-d11261d473
2025-11-07 01:27:09.764769+00:00
--------------------------------------------------------------------------------
Name : fcitx5-table-extra
Product : Fedora 42
Version : 5.1.9
Release : 1.fc42
URL : https://github.com/fcitx/fcitx5-table-extra
Summary : Extra tables for Fcitx5
Description :
Extra tables for Fcitx5.
fcitx5-table-extra provides extra table for
Fcitx5, including Boshiamy, Zhengma, Cangjie,
and Quick.
--------------------------------------------------------------------------------
Update Information:
fcitx5-5.1.16 update
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 26 2025 Qiyu Yan [yanqiyu@fedoraproject.org] - 5.1.9-1
- update to upstream release 5.1.9
* Wed Jul 23 2025 Fedora Release Engineering [releng@fedoraproject.org] - 5.1.8-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-d11261d473' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: fcitx5-sayura-5.1.5-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-d11261d473
2025-11-07 01:27:09.764769+00:00
--------------------------------------------------------------------------------
Name : fcitx5-sayura
Product : Fedora 42
Version : 5.1.5
Release : 1.fc42
URL : https://github.com/fcitx/fcitx5-sayura
Summary : Sinhala Transe IME engine for Fcitx5
Description :
Fcitx-Sayura is a Sinhala input method
for Fcitx input method framework ported
from IBus-Sayura.
--------------------------------------------------------------------------------
Update Information:
fcitx5-5.1.16 update
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 26 2025 Qiyu Yan [yanqiyu@fedoraproject.org] - 5.1.5-1
- update to upstream release 5.1.5
* Wed Jul 23 2025 Fedora Release Engineering [releng@fedoraproject.org] - 5.1.4-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-d11261d473' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: fcitx5-qt-5.1.11-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-d11261d473
2025-11-07 01:27:09.764769+00:00
--------------------------------------------------------------------------------
Name : fcitx5-qt
Product : Fedora 42
Version : 5.1.11
Release : 1.fc42
URL : https://github.com/fcitx/fcitx5-qt
Summary : Qt library and IM module for fcitx5
Description :
Qt library and IM module for fcitx5.
--------------------------------------------------------------------------------
Update Information:
fcitx5-5.1.16 update
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 26 2025 Qiyu Yan [yanqiyu@fedoraproject.org] - 5.1.11-1
- update to upstream release 5.1.11
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-d11261d473' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: fcitx5-m17n-5.1.5-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-d11261d473
2025-11-07 01:27:09.764769+00:00
--------------------------------------------------------------------------------
Name : fcitx5-m17n
Product : Fedora 42
Version : 5.1.5
Release : 1.fc42
URL : https://github.com/fcitx/fcitx5-m17n
Summary : m17n Wrapper for Fcitx5
Description :
M17N is a large collection of input method, which can cover
quite a lot languages in the world, including Latin, Arabic,
etc.
--------------------------------------------------------------------------------
Update Information:
fcitx5-5.1.16 update
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 26 2025 Qiyu Yan [yanqiyu@fedoraproject.org] - 5.1.5-1
- update to upstream release 5.1.5
* Wed Jul 23 2025 Fedora Release Engineering [releng@fedoraproject.org] - 5.1.4-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-d11261d473' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: fcitx5-libthai-5.1.7-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-d11261d473
2025-11-07 01:27:09.764769+00:00
--------------------------------------------------------------------------------
Name : fcitx5-libthai
Product : Fedora 42
Version : 5.1.7
Release : 1.fc42
URL : https://github.com/fcitx/fcitx5-libthai
Summary : Libthai Wrapper for Fcitx5
Description :
Libthai Wrapper for Fcitx5.
--------------------------------------------------------------------------------
Update Information:
fcitx5-5.1.16 update
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 26 2025 Qiyu Yan [yanqiyu@fedoraproject.org] - 5.1.7-1
- update to upstream release 5.1.7
* Wed Jul 23 2025 Fedora Release Engineering [releng@fedoraproject.org] - 5.1.6-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-d11261d473' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: fcitx5-hangul-5.1.8-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-d11261d473
2025-11-07 01:27:09.764769+00:00
--------------------------------------------------------------------------------
Name : fcitx5-hangul
Product : Fedora 42
Version : 5.1.8
Release : 1.fc42
URL : https://github.com/fcitx/fcitx5-hangul
Summary : Hangul Wrapper for Fcitx5
Description :
Hangul Wrapper for Fcitx5.
--------------------------------------------------------------------------------
Update Information:
fcitx5-5.1.16 update
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 26 2025 Qiyu Yan [yanqiyu@fedoraproject.org] - 5.1.8-1
- update to upstream release 5.1.8
* Wed Jul 23 2025 Fedora Release Engineering [releng@fedoraproject.org] - 5.1.7-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-d11261d473' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: fcitx5-configtool-5.1.11-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-d11261d473
2025-11-07 01:27:09.764769+00:00
--------------------------------------------------------------------------------
Name : fcitx5-configtool
Product : Fedora 42
Version : 5.1.11
Release : 1.fc42
URL : https://github.com/fcitx/fcitx5-configtool
Summary : Configuration tools used by fcitx5
Description :
Configuration tools used by fcitx5.
--------------------------------------------------------------------------------
Update Information:
fcitx5-5.1.16 update
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 26 2025 Qiyu Yan [yanqiyu@fedoraproject.org] - 5.1.11-1
- update to upstream release 5.1.11
* Wed Jul 23 2025 Fedora Release Engineering [releng@fedoraproject.org] - 5.1.10-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-d11261d473' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: fcitx5-chinese-addons-5.1.10-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-d11261d473
2025-11-07 01:27:09.764769+00:00
--------------------------------------------------------------------------------
Name : fcitx5-chinese-addons
Product : Fedora 42
Version : 5.1.10
Release : 1.fc42
URL : https://github.com/fcitx/fcitx5-chinese-addons
Summary : Chinese related addon for fcitx5
Description :
This provides pinyin and table input method
support for fcitx5. Released under LGPL-2.1+.
im/pinyin/emoji.txt is derived from Unicode
CLDR with modification.
--------------------------------------------------------------------------------
Update Information:
fcitx5-5.1.16 update
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 26 2025 Qiyu Yan [yanqiyu@fedoraproject.org] - 5.1.10-1
- update to upstream release 5.1.10
* Wed Jul 23 2025 Fedora Release Engineering [releng@fedoraproject.org] - 5.1.9-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-d11261d473' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: fcitx5-5.1.16-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-d11261d473
2025-11-07 01:27:09.764769+00:00
--------------------------------------------------------------------------------
Name : fcitx5
Product : Fedora 42
Version : 5.1.16
Release : 1.fc42
URL : https://github.com/fcitx/fcitx5
Summary : Next generation of fcitx
Description :
Fcitx 5 is a generic input method framework released under LGPL-2.1+.
--------------------------------------------------------------------------------
Update Information:
fcitx5-5.1.16 update
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 26 2025 Qiyu Yan [yanqiyu@fedoraproject.org] - 5.1.16-1
- update to upstream release 5.1.16
* Sun Oct 26 2025 Qiyu Yan [yanqiyu@fedoraproject.org] - 5.1.15-1
- update to upstream release 5.1.15
* Wed Jul 23 2025 Fedora Release Engineering [releng@fedoraproject.org] - 5.1.13-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-d11261d473' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: fcitx5-anthy-5.1.8-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-d11261d473
2025-11-07 01:27:09.764769+00:00
--------------------------------------------------------------------------------
Name : fcitx5-anthy
Product : Fedora 42
Version : 5.1.8
Release : 1.fc42
URL : https://github.com/fcitx/fcitx5-anthy
Summary : Anthy Wrapper for Fcitx5
Description :
Anthy Wrapper for Fcitx5
Ported from scim-anthy. Released under GPL2+.
--------------------------------------------------------------------------------
Update Information:
fcitx5-5.1.16 update
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 26 2025 Qiyu Yan [yanqiyu@fedoraproject.org] - 5.1.8-1
- update to upstream release 5.1.8
* Wed Jul 23 2025 Fedora Release Engineering [releng@fedoraproject.org] - 5.1.7-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-d11261d473' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 43 Update: webkitgtk-2.50.1-1.fc43
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-452a101260
2025-11-07 00:54:39.974741+00:00
--------------------------------------------------------------------------------
Name : webkitgtk
Product : Fedora 43
Version : 2.50.1
Release : 1.fc43
URL : https://www.webkitgtk.org/
Summary : GTK web content engine library
Description :
WebKitGTK is the port of the WebKit web rendering engine to the
GTK platform.
--------------------------------------------------------------------------------
Update Information:
Update to WebKitGTK 2.50.1:
Improve text rendering performance.
Fix audio playback broken on instagram.
Fix rendering of layers with fractional transforms.
Fix several crashes and rendering issues.
Fix CVE-2025-43343
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 10 2025 Michael Catanzaro [mcatanzaro@redhat.com] - 2.50.1-1
- Update to 2.50.1
* Mon Sep 29 2025 Tom Stellard [tstellar@redhat.com] - 2.50.0-3
- Backport upstream patch to fix build with clang-22
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-452a101260' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 43 Update: buildah-1.42.0-4.fc43
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-8f97b687c8
2025-11-07 00:54:39.974739+00:00
--------------------------------------------------------------------------------
Name : buildah
Product : Fedora 43
Version : 1.42.0
Release : 4.fc43
URL : https://buildah.io
Summary : A command line tool used for creating OCI Images
Description :
The buildah package provides a command line tool which can be used to
* create a working container from scratch
or
* create a working container from an image as a starting point
* mount/umount a working container's root file system for manipulation
* save container's root file system layer to create a new image
* delete a working container or an image
--------------------------------------------------------------------------------
Update Information:
Rebuild for security fixes in golang.
bump to v1.42.0
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 3 2025 Lokesh Mandvekar [lsm5@redhat.com] - 2:1.42.0-4
- Rebuild for CVE fixes
* Thu Oct 23 2025 Lokesh Mandvekar [lsm5@redhat.com] - 2:1.42.0-3
- cleanup changelog
* Thu Oct 23 2025 Lokesh Mandvekar [lsm5@redhat.com] - 2:1.42.0-2
- build with sequoia on f43+
* Wed Oct 22 2025 Packit [hello@packit.dev] - 2:1.42.0-1
- Update to 1.42.0 upstream release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2408127 - CVE-2025-58189 buildah: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408127
[ 2 ] Bug #2408694 - CVE-2025-61725 buildah: Excessive CPU consumption in ParseAddress in net/mail [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408694
[ 3 ] Bug #2409597 - CVE-2025-61723 buildah: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2409597
[ 4 ] Bug #2410548 - CVE-2025-58185 buildah: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2410548
[ 5 ] Bug #2411446 - CVE-2025-58188 buildah: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2411446
[ 6 ] Bug #2412667 - CVE-2025-58183 buildah: Unbounded allocation when parsing GNU sparse map [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2412667
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-8f97b687c8' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 43 Update: mupen64plus-2.6.0-8.fc43
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-123e2abe71
2025-11-07 00:54:39.974709+00:00
--------------------------------------------------------------------------------
Name : mupen64plus
Product : Fedora 43
Version : 2.6.0
Release : 8.fc43
URL : http://www.mupen64plus.org/
Summary : Nintendo 64 Emulator
Description :
Mupen64plus is a Nintendo 64 Emulator.
This package includes all the plug-ins.
--------------------------------------------------------------------------------
Update Information:
Patch CVE-2025-29366 and CVE-2025-29366
There should be no change in behaviour.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 29 2025 David Auer [dreua@posteo.de] - 2.6.0-8
- Patch CVE-2025-29366 and CVE-2025-29366
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-123e2abe71' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 43 Update: apptainer-1.4.4-1.fc43
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-061f320514
2025-11-07 00:54:39.974711+00:00
--------------------------------------------------------------------------------
Name : apptainer
Product : Fedora 43
Version : 1.4.4
Release : 1.fc43
URL : https://apptainer.org
Summary : Application and environment virtualization formerly known as Singularity
Description :
Apptainer provides functionality to make portable
containers that can be used across host environments.
--------------------------------------------------------------------------------
Update Information:
Update to upstream 1.4.4.
This was built with golang 1.25.3 which fixes CVE-2025-61723, CVE-2025-61725,
CVE-2025-58183, CVE-2025-58185, CVE-2025-58188, and CVE-2025-58189.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 29 2025 Dave Dykstra [dwd@cern.ch] - 1.4.4-1
- Update to upstream 1.4.4
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2407134 - apptainer-1.4.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2407134
[ 2 ] Bug #2408123 - CVE-2025-58189 apptainer: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408123
[ 3 ] Bug #2408693 - CVE-2025-61725 apptainer: Excessive CPU consumption in ParseAddress in net/mail [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408693
[ 4 ] Bug #2409593 - CVE-2025-61723 apptainer: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2409593
[ 5 ] Bug #2410544 - CVE-2025-58185 apptainer: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2410544
[ 6 ] Bug #2411442 - CVE-2025-58188 apptainer: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2411442
[ 7 ] Bug #2412665 - CVE-2025-58183 apptainer: Unbounded allocation when parsing GNU sparse map [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2412665
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-061f320514' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 43 Update: mingw-poppler-25.07.0-2.fc43
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-8b329c399b
2025-11-07 00:54:39.974642+00:00
--------------------------------------------------------------------------------
Name : mingw-poppler
Product : Fedora 43
Version : 25.07.0
Release : 2.fc43
URL : http://poppler.freedesktop.org/
Summary : MinGW Windows Poppler library
Description :
MinGW Windows Poppler library.
--------------------------------------------------------------------------------
Update Information:
Backport fix for CVE-2025.52885.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 29 2025 Sandro Mani [manisandro@gmail.com] - 25.07.0-2
- Backport patch for CVE-2025-52885
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2403485 - CVE-2025-52885 mingw-poppler: Use-After-Free in StructTreeRoot class [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2403485
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-8b329c399b' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 43 Update: GeographicLib-2.5.2-1.fc43
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-e5eb1e35e2
2025-11-07 00:54:39.974639+00:00
--------------------------------------------------------------------------------
Name : GeographicLib
Product : Fedora 43
Version : 2.5.2
Release : 1.fc43
URL : https://github.com/geographiclib/geographiclib
Summary : Library for geographic coordinate transformations
Description :
GeographicLib is a small set of C++ classes for performing conversions
between geographic, UTM, UPS, MGRS, geocentric, and local Cartesian
coordinates, for gravity (e.g., EGM2008), geoid height and geomagnetic
field (e.g., WMM2010) calculations, and for solving geodesic problems.
The emphasis is on returning accurate results with errors close to round-off
(about 5???15 nanometers). New accurate algorithms for Geodesics on an
ellipsoid of revolution and Transverse Mercator projection have been
developed for this library. The functionality of the library can be accessed
from user code, from the Utility programs provided, or via the
Implementations in other languages.
--------------------------------------------------------------------------------
Update Information:
Update to GeographicLib-2.5.2, fixes CVE-2025-60751.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 29 2025 Sandro Mani [manisandro@gmail.com] - 2.5.2-1
- Update to 2.5.2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2405440 - CVE-2025-60751 GeographicLib: GeographicLib buffer overflow [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2405440
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-e5eb1e35e2' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
