Fedora 41 Update: darktable-5.2.0-1.fc41
Fedora 42 Update: sudo-1.9.17-2.p1.fc42
[SECURITY] Fedora 41 Update: darktable-5.2.0-1.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-b5b1634cd0
2025-07-07 02:11:11.391446+00:00
--------------------------------------------------------------------------------
Name : darktable
Product : Fedora 41
Version : 5.2.0
Release : 1.fc41
URL : http://www.darktable.org/
Summary : Utility to organize and develop raw images
Description :
darktable manages your camera raw files and images in a database, lets you
view them through lighttable mode and develop/enhance them in darkroom mode.
--------------------------------------------------------------------------------
Update Information:
5.2.0 release
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jun 22 2025 Germano Massullo [germano.massullo@thetra.eu] - 5.2.0-1
- 5.2.0 release
* Mon Apr 28 2025 Germano Massullo [germano.massullo@gmail.com] - 5.0.1-2
- rebuilt
- Updated description
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2323675 - [abrt] darktable: _dt_sigsegv_handler(): darktable killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=2323675
[ 2 ] Bug #2335721 - [abrt] darktable: rocr::core::Runtime::VMFaultHandler(): darktable killed by SIGABRT
https://bugzilla.redhat.com/show_bug.cgi?id=2335721
[ 3 ] Bug #2342151 - [abrt] darktable: _dt_sigsegv_handler(): darktable killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=2342151
[ 4 ] Bug #2361340 - CVE-2025-43963 darktable: out-of-buffer access [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2361340
[ 5 ] Bug #2361358 - CVE-2025-43964 darktable: Improper Validation of Specified Quantity in Input in LibRaw [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2361358
[ 6 ] Bug #2361376 - CVE-2025-43962 darktable: Out-of-Bounds Read in LibRaw's phase_one_correct Function [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2361376
[ 7 ] Bug #2361403 - CVE-2025-43961 darktable: Out-of-Bounds Read in Fujifilm 0xf00c Tag Parser in LibRaw [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2361403
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-b5b1634cd0' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: sudo-1.9.17-2.p1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-44c3b13554
2025-07-07 00:49:37.824559+00:00
--------------------------------------------------------------------------------
Name : sudo
Product : Fedora 42
Version : 1.9.17
Release : 2.p1.fc42
URL : https://www.sudo.ws
Summary : Allows restricted root access for specified users
Description :
Sudo (superuser do) allows a system administrator to give certain
users (or groups of users) the ability to run some (or all) commands
as root while logging all commands and arguments. Sudo operates on a
per-command basis. It is not a replacement for the shell. Features
include: the ability to restrict what commands a user may run on a
per-host basis, copious logging of each command (providing a clear
audit trail of who did what), a configurable timeout of the sudo
command, and the ability to use the same configuration file (sudoers)
on many different machines.
--------------------------------------------------------------------------------
Update Information:
Rebase to sudo 1.9.17p1
sudo-1_9_16p2 is available.
Resolves: rhbz#2309626
sudo: LPE via host option.
Resolves: CVE-2025-32462
Properly apply system buildflags.
Use new build macros, drop unneeded %defattr.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Jul 5 2025 Bj??rn Esser [besser82@fedoraproject.org] - 1.9.17-2.p1
- Re-apply changes from commit e2e397029e0d35046a4cf891e075d24c7540da4f
* Sat Jul 5 2025 Bj??rn Esser [besser82@fedoraproject.org] - 1.9.17-1.p1
- Rebase to sudo 1.9.17p1
- sudo-1_9_16p2 is available Resolves: rhbz#2309626
- sudo: LPE via host option Resolves: CVE-2025-32462
- Properly apply system buildflags
- Use new build macros, drop unneeded %%defattr
* Mon Jun 2 2025 Python Maint - 1.9.15-8.p5
- Rebuilt for Python 3.14
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2309626 - sudo-1_9_16p2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2309626
[ 2 ] Bug #2375842 - [Minor Incident] CVE-2025-32462 sudo: LPE via host option [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2375842
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-44c3b13554' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
