Fedora 41 Update: containers-common-0.64.2-1.fc41
Fedora 41 Update: buildah-1.41.4-1.fc41
Fedora 41 Update: podman-5.6.1-1.fc41
Fedora 42 Update: snapshot-48.0.1-2.fc42
Fedora 42 Update: python-flask-3.1.2-2.fc42
[SECURITY] Fedora 41 Update: containers-common-0.64.2-1.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-f9e142a4b0
2025-09-09 01:41:14.778487+00:00
--------------------------------------------------------------------------------
Name : containers-common
Product : Fedora 41
Version : 0.64.2
Release : 1.fc41
URL : https://github.com/containers/common
Summary : Common configuration and documentation for containers
Description :
This package contains common configuration files and documentation for container
tools ecosystem, such as Podman, Buildah and Skopeo.
It is required because the most of configuration files and docs come from projects
which are vendored into Podman, Buildah, Skopeo, etc. but they are not packaged
separately.
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2025-9566
Automatic update for containers-common-0.64.2-1.fc41, buildah-1.41.4-1.fc41,
podman-5.6.1-1.fc41.
Changelog for containers-common
* Wed Sep 03 2025 Packit [hello@packit.dev] - 5:0.64.2-1
- Update to 0.64.2 upstream release
Changelog for buildah
* Thu Sep 04 2025 Packit [hello@packit.dev] - 2:1.41.4-1
- Update to 1.41.4 upstream release
Changelog for podman
* Thu Sep 04 2025 Packit [hello@packit.dev] - 5:5.6.1-1
- Update to 5.6.1 upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 3 2025 Packit [hello@packit.dev] - 5:0.64.2-1
- Update to 0.64.2 upstream release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2393153 - CVE-2025-9566 podman: Podman kube play command may overwrite host files [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2393153
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-f9e142a4b0' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 41 Update: buildah-1.41.4-1.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-f9e142a4b0
2025-09-09 01:41:14.778487+00:00
--------------------------------------------------------------------------------
Name : buildah
Product : Fedora 41
Version : 1.41.4
Release : 1.fc41
URL : https://buildah.io
Summary : A command line tool used for creating OCI Images
Description :
The buildah package provides a command line tool which can be used to
* create a working container from scratch
or
* create a working container from an image as a starting point
* mount/umount a working container's root file system for manipulation
* save container's root file system layer to create a new image
* delete a working container or an image
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2025-9566
Automatic update for containers-common-0.64.2-1.fc41, buildah-1.41.4-1.fc41,
podman-5.6.1-1.fc41.
Changelog for containers-common
* Wed Sep 03 2025 Packit [hello@packit.dev] - 5:0.64.2-1
- Update to 0.64.2 upstream release
Changelog for buildah
* Thu Sep 04 2025 Packit [hello@packit.dev] - 2:1.41.4-1
- Update to 1.41.4 upstream release
Changelog for podman
* Thu Sep 04 2025 Packit [hello@packit.dev] - 5:5.6.1-1
- Update to 5.6.1 upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 4 2025 Packit [hello@packit.dev] - 2:1.41.4-1
- Update to 1.41.4 upstream release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2393153 - CVE-2025-9566 podman: Podman kube play command may overwrite host files [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2393153
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-f9e142a4b0' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 41 Update: podman-5.6.1-1.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-f9e142a4b0
2025-09-09 01:41:14.778487+00:00
--------------------------------------------------------------------------------
Name : podman
Product : Fedora 41
Version : 5.6.1
Release : 1.fc41
URL : https://podman.io/
Summary : Manage Pods, Containers and Container Images
Description :
podman (Pod Manager) is a fully featured container engine that is a simple
daemonless tool. podman provides a Docker-CLI comparable command line that
eases the transition from other container engines and allows the management of
pods, containers and images. Simply put: alias docker=podman.
Most podman commands can be run as a regular user, without requiring
additional privileges.
podman uses Buildah(1) internally to create container images.
Both tools share image (not container) storage, hence each can use or
manipulate images (but not containers) created by the other.
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2025-9566
Automatic update for containers-common-0.64.2-1.fc41, buildah-1.41.4-1.fc41,
podman-5.6.1-1.fc41.
Changelog for containers-common
* Wed Sep 03 2025 Packit [hello@packit.dev] - 5:0.64.2-1
- Update to 0.64.2 upstream release
Changelog for buildah
* Thu Sep 04 2025 Packit [hello@packit.dev] - 2:1.41.4-1
- Update to 1.41.4 upstream release
Changelog for podman
* Thu Sep 04 2025 Packit [hello@packit.dev] - 5:5.6.1-1
- Update to 5.6.1 upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 4 2025 Packit [hello@packit.dev] - 5:5.6.1-1
- Update to 5.6.1 upstream release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2393153 - CVE-2025-9566 podman: Podman kube play command may overwrite host files [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2393153
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-f9e142a4b0' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: snapshot-48.0.1-2.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-ed3d0ab54b
2025-09-09 01:28:38.281262+00:00
--------------------------------------------------------------------------------
Name : snapshot
Product : Fedora 42
Version : 48.0.1
Release : 2.fc42
URL : https://gitlab.gnome.org/GNOME/snapshot
Summary : Take pictures and videos
Description :
Take pictures and videos on your computer, tablet, or phone.
--------------------------------------------------------------------------------
Update Information:
Rebuild with tracing-subscriber v0.3.20 for CVE-2025-58160.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 3 2025 Fabio Valentini [decathorpe@gmail.com] - 48.0.1-2
- Rebuild with tracing-subscriber v0.3.20 for CVE-2025-58160
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2392051 - CVE-2025-58160 snapshot: Tracing log pollution [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2392051
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-ed3d0ab54b' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: python-flask-3.1.2-2.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-55e69c9cea
2025-09-09 01:28:38.281244+00:00
--------------------------------------------------------------------------------
Name : python-flask
Product : Fedora 42
Version : 3.1.2
Release : 2.fc42
URL : http://flask.pocoo.org/
Summary : A micro-framework for Python based on Werkzeug, Jinja 2 and good intentions
Description :
Flask is called a ???micro-framework??? because the idea to keep the core
simple but extensible. There is no database abstraction layer, no form
validation or anything else where different libraries already exist
that can handle that. However Flask knows the concept of extensions
that can add this functionality into your application as if it was
implemented in Flask itself. There are currently extensions for object
relational mappers, form validation, upload handling, various open
authentication technologies and more.
--------------------------------------------------------------------------------
Update Information:
Update to 3.1.2
--------------------------------------------------------------------------------
ChangeLog:
* Sun Aug 31 2025 Franti??ek Zatloukal [fzatlouk@redhat.com] - 1:3.1.2-2
- Do some shuffling to work on f42 and epel10
* Sun Aug 31 2025 Franti??ek Zatloukal [fzatlouk@redhat.com] - 1:3.1.2-1
- Update to 3.1.2 (RHBZ#2389601)
* Fri Aug 15 2025 Python Maint - 1:3.1.1-4
- Rebuilt for Python 3.14.0rc2 bytecode
* Fri Jul 25 2025 Fedora Release Engineering [releng@fedoraproject.org] - 1:3.1.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Tue Jun 3 2025 Python Maint - 1:3.1.1-2
- Rebuilt for Python 3.14
* Tue May 20 2025 Karolina Surma [ksurma@redhat.com] - 1:3.1.1-1
- Update to 3.1.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2366240 - CVE-2025-47278 python-flask: Flask Session Signing Fallback Key Vulnerability [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2366240
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-55e69c9cea' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
