Fedora 41 Update: curl-8.9.1-4.fc41
Fedora 41 Update: checkpointctl-1.4.0-3.fc41
Fedora 42 Update: chromium-140.0.7339.185-1.fc42
Fedora 42 Update: checkpointctl-1.4.0-3.fc42
Fedora 43 Update: checkpointctl-1.4.0-3.fc43
Fedora 43 Update: perl-Catalyst-Authentication-Credential-HTTP-1.019-1.fc43
[SECURITY] Fedora 41 Update: curl-8.9.1-4.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-4daec13254
2025-09-23 01:47:24.731878+00:00
--------------------------------------------------------------------------------
Name : curl
Product : Fedora 41
Version : 8.9.1
Release : 4.fc41
URL : https://curl.se/
Summary : A utility for getting files from remote servers (FTP, HTTP, and others)
Description :
curl is a command line tool for transferring data with URL syntax, supporting
FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP,
SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP
uploading, HTTP form based upload, proxies, cookies, user+password
authentication (Basic, Digest, NTLM, Negotiate, kerberos...), file transfer
resume, proxy tunneling and a busload of other useful tricks.
--------------------------------------------------------------------------------
Update Information:
fix Out of bounds read for cookie path (CVE-2025-9086)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 17 2025 Jan Macku [jamacku@redhat.com] - 8.9.1-4
- fix Out of bounds read for cookie path (CVE-2025-9086)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2394882 - CVE-2025-9086 curl: Curl out of bounds read for cookie path [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2394882
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-4daec13254' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 41 Update: checkpointctl-1.4.0-3.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-15f6a132bf
2025-09-23 01:47:24.731858+00:00
--------------------------------------------------------------------------------
Name : checkpointctl
Product : Fedora 41
Version : 1.4.0
Release : 3.fc41
URL : https://github.com/checkpoint-restore/checkpointctl
Summary : A command-line tool for in-depth analysis of container checkpoints
Description :
The checkpointctl command can be used for in-depth analysis of
container checkpoints created with Podman and Kubernetes.
--------------------------------------------------------------------------------
Update Information:
Rebuild
--------------------------------------------------------------------------------
ChangeLog:
* Sun Sep 14 2025 Radostin Stoyanov [rstoyanov@fedoraproject.org] - 1:1.4.0-3
- Rebuild
* Sun Sep 14 2025 Radostin Stoyanov [rstoyanov@fedoraproject.org] - 1:1.4.0-2
- Bump epoch to 1
* Fri Sep 5 2025 Radostin Stoyanov [rstoyanov@fedoraproject.org] - 1:1.4.0-1
- Rebuild with epoch 1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2391649 - CVE-2025-58058 checkpointctl: github.com/ulikunitz/xz leaks memory [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2391649
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-15f6a132bf' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: chromium-140.0.7339.185-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-bb1ae3ee9c
2025-09-23 01:12:25.984544+00:00
--------------------------------------------------------------------------------
Name : chromium
Product : Fedora 42
Version : 140.0.7339.185
Release : 1.fc42
URL : http://www.chromium.org/Home
Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).
--------------------------------------------------------------------------------
Update Information:
- Update to 140.0.7339.185
* CVE-2025-10585: Type Confusion in V8
* CVE-2025-10500: Use after free in Dawn
* CVE-2025-10501: Use after free in WebRTC
* CVE-2025-10502: Heap buffer overflow in ANGLE
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 17 2025 Than Ngo [than@redhat.com] - 140.0.7339.185-1
- Update to 140.0.7339.185
* CVE-2025-10585: Type Confusion in V8
* CVE-2025-10500: Use after free in Dawn
* CVE-2025-10501: Use after free in WebRTC
* CVE-2025-10502: Heap buffer overflow in ANGLE
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-bb1ae3ee9c' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: checkpointctl-1.4.0-3.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-11b6deb0b8
2025-09-23 01:12:25.984483+00:00
--------------------------------------------------------------------------------
Name : checkpointctl
Product : Fedora 42
Version : 1.4.0
Release : 3.fc42
URL : https://github.com/checkpoint-restore/checkpointctl
Summary : A command-line tool for in-depth analysis of container checkpoints
Description :
The checkpointctl command can be used for in-depth analysis of
container checkpoints created with Podman and Kubernetes.
--------------------------------------------------------------------------------
Update Information:
Rebuild
--------------------------------------------------------------------------------
ChangeLog:
* Sun Sep 14 2025 Radostin Stoyanov [rstoyanov@fedoraproject.org] - 1:1.4.0-3
- Rebuild
* Sun Sep 14 2025 Radostin Stoyanov [rstoyanov@fedoraproject.org] - 1:1.4.0-2
- Bump epoch to 1
* Fri Sep 5 2025 Radostin Stoyanov [rstoyanov@fedoraproject.org] - 1:1.4.0-1
- Rebuild with epoch 1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2391649 - CVE-2025-58058 checkpointctl: github.com/ulikunitz/xz leaks memory [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2391649
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-11b6deb0b8' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 43 Update: checkpointctl-1.4.0-3.fc43
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-eda09a0a51
2025-09-23 00:15:09.580239+00:00
--------------------------------------------------------------------------------
Name : checkpointctl
Product : Fedora 43
Version : 1.4.0
Release : 3.fc43
URL : https://github.com/checkpoint-restore/checkpointctl
Summary : A command-line tool for in-depth analysis of container checkpoints
Description :
The checkpointctl command can be used for in-depth analysis of
container checkpoints created with Podman and Kubernetes.
--------------------------------------------------------------------------------
Update Information:
Rebuild
--------------------------------------------------------------------------------
ChangeLog:
* Sun Sep 14 2025 Radostin Stoyanov [rstoyanov@fedoraproject.org] - 1:1.4.0-3
- Rebuild
* Sun Sep 14 2025 Radostin Stoyanov [rstoyanov@fedoraproject.org] - 1:1.4.0-2
- Bump epoch to 1
* Fri Sep 5 2025 Radostin Stoyanov [rstoyanov@fedoraproject.org] - 1:1.4.0-1
- Rebuild with epoch 1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2391649 - CVE-2025-58058 checkpointctl: github.com/ulikunitz/xz leaks memory [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2391649
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-eda09a0a51' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 43 Update: perl-Catalyst-Authentication-Credential-HTTP-1.019-1.fc43
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-6df5ab0b98
2025-09-23 00:15:09.580229+00:00
--------------------------------------------------------------------------------
Name : perl-Catalyst-Authentication-Credential-HTTP
Product : Fedora 43
Version : 1.019
Release : 1.fc43
URL : https://metacpan.org/release/Catalyst-Authentication-Credential-HTTP
Summary : HTTP Basic and Digest authentication for Catalyst
Description :
This module lets you use HTTP authentication with
Catalyst::Plugin::Authentication. Both basic and digest authentication are
currently supported.
--------------------------------------------------------------------------------
Update Information:
This update upgrade the package to version 1.019. This version fixes
CVE-2025-40920 by using Crypt::SysRandom to generate nonces instead of
Data::UUID.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Aug 31 2025 Emmanuel Seyman [emmanuel@seyman.fr] - 1.019-1
- Update to 1.019
- Rework dependencies
- Switch build system
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-6df5ab0b98' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
