Fedora 40 Update: dnf-4.23.0-1.fc40.1
Fedora 40 Update: lemonldap-ng-2.21.0-1.fc40
Fedora 40 Update: php-tcpdf-6.9.1-1.fc40
Fedora 42 Update: chromium-135.0.7049.84-1.fc42
Fedora 42 Update: trunk-0.21.13-1.fc42
Fedora 42 Update: lemonldap-ng-2.21.0-1.fc42
Fedora 40 Update: mariadb10.11-10.11.11-1.fc40
Fedora 40 Update: dotnet9.0-9.0.104-1.fc40
Fedora 41 Update: golang-1.23.8-1.fc41
Fedora 42 Update: php-tcpdf-6.9.1-1.fc42
Fedora 41 Update: lemonldap-ng-2.21.0-1.fc41
Fedora 42 Update: podman-tui-1.5.0-1.fc42
Fedora 41 Update: php-tcpdf-6.9.1-1.fc41
Fedora 41 Update: perl-DBIx-Class-EncodedColumn-0.11000-1.fc41
Fedora 41 Update: perl-Crypt-URandom-Token-0.003-1.fc41
Fedora 42 Update: dotnet9.0-9.0.104-1.fc42
Fedora 41 Update: dotnet9.0-9.0.104-1.fc41
Fedora 41 Update: podman-tui-1.5.0-1.fc41
[SECURITY] Fedora 40 Update: dnf-4.23.0-1.fc40.1
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-21c36b3aa5
2025-04-15 19:19:49.588864+00:00
--------------------------------------------------------------------------------
Name : dnf
Product : Fedora 40
Version : 4.23.0
Release : 1.fc40.1
URL : https://github.com/rpm-software-management/dnf
Summary : Package manager
Description :
Utility that allows users to manage packages on their systems.
It supports RPMs, modules and comps groups & environments.
--------------------------------------------------------------------------------
Update Information:
This releases preserves enablement state of dnf-automatic.timer when upgrading
to Fedora 41.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Apr 11 2025 Petr Pisar [ppisar@redhat.com] - 4.23.0-1.1
- Do not disable dnf-automatic.timer when upgrading to dnf5-plugin-automatic
(bug #2358865)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2358865 - Private bug
https://bugzilla.redhat.com/show_bug.cgi?id=2358865
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-21c36b3aa5' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 40 Update: lemonldap-ng-2.21.0-1.fc40
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-80dfa228e7
2025-04-15 19:19:49.588818+00:00
--------------------------------------------------------------------------------
Name : lemonldap-ng
Product : Fedora 40
Version : 2.21.0
Release : 1.fc40
URL : https://lemonldap-ng.org
Summary : Web Single Sign On (SSO) and Access Management
Description :
LemonLdap::NG is a modular Web-SSO based on Apache::Session modules. It
simplifies the build of a protected area with a few changes in the
application. It manages both authentication and authorization and provides
headers for accounting.
So you can have a full AAA protection for your web space as described below.
--------------------------------------------------------------------------------
Update Information:
See https://projects.ow2.org/view/lemonldap-ng/lemonldap-ng-2-21-0-is-out/
--------------------------------------------------------------------------------
ChangeLog:
* Mon Apr 7 2025 Clement Oudot [clem.oudot@gmail.com] - 2.21.0-1
- Update to 2.21.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2357981 - lemonldap-ng-2.21.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2357981
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-80dfa228e7' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 40 Update: php-tcpdf-6.9.1-1.fc40
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-b5809de628
2025-04-15 19:19:49.588790+00:00
--------------------------------------------------------------------------------
Name : php-tcpdf
Product : Fedora 40
Version : 6.9.1
Release : 1.fc40
URL : http://www.tcpdf.org
Summary : PHP class for generating PDF documents and barcodes
Description :
PHP class for generating PDF documents.
* no external libraries are required for the basic functions;
* all standard page formats, custom page formats, custom margins and units
of measure;
* UTF-8 Unicode and Right-To-Left languages;
* TrueTypeUnicode, OpenTypeUnicode, TrueType, OpenType, Type1 and CID-0 fonts;
* font subsetting;
* methods to publish some XHTML + CSS code, Javascript and Forms;
* images, graphic (geometric figures) and transformation methods;
* supports JPEG, PNG and SVG images natively, all images supported by GD
(GD, GD2, GD2PART, GIF, JPEG, PNG, BMP, XBM, XPM) and all images supported
via ImagMagick (http: www.imagemagick.org/www/formats.html)
* 1D and 2D barcodes: CODE 39, ANSI MH10.8M-1983, USD-3, 3 of 9, CODE 93,
USS-93, Standard 2 of 5, Interleaved 2 of 5, CODE 128 A/B/C, 2 and 5 Digits
UPC-Based Extention, EAN 8, EAN 13, UPC-A, UPC-E, MSI, POSTNET, PLANET,
RMS4CC (Royal Mail 4-state Customer Code), CBC (Customer Bar Code),
KIX (Klant index - Customer index), Intelligent Mail Barcode, Onecode,
USPS-B-3200, CODABAR, CODE 11, PHARMACODE, PHARMACODE TWO-TRACKS,
Datamatrix ECC200, QR-Code, PDF417;
* ICC Color Profiles, Grayscale, RGB, CMYK, Spot Colors and Transparencies;
* automatic page header and footer management;
* document encryption up to 256 bit and digital signature certifications;
* transactions to UNDO commands;
* PDF annotations, including links, text and file attachments;
* text rendering modes (fill, stroke and clipping);
* multiple columns mode;
* no-write page regions;
* bookmarks and table of content;
* text hyphenation;
* text stretching and spacing (tracking/kerning);
* automatic page break, line break and text alignments including justification;
* automatic page numbering and page groups;
* move and delete pages;
* page compression (requires php-zlib extension);
* XOBject templates;
* PDF/A-1b (ISO 19005-1:2005) support.
By default, TCPDF uses the GD library which is know as slower than ImageMagick
solution. You can optionally install php-pecl-imagick; TCPDF will use it.
--------------------------------------------------------------------------------
Update Information:
Version 6.9.1 (2025-04-03)
Fixed Path Traversal security vulnerability reported by Positive Technologies.
Version 6.9.0 (2025-03-30)
Added PHP 8.4 testing.
Removed tcpdf_import.php and tcpdf_parser.php files (for a parser check the tc-
lib-pdf-parser project instead).
Fix composer.json.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Apr 7 2025 Remi Collet [remi@remirepo.net] - 6.9.1-1
- update to 6.9.1
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-b5809de628' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: chromium-135.0.7049.84-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-0f2d318242
2025-04-15 17:58:27.650051+00:00
--------------------------------------------------------------------------------
Name : chromium
Product : Fedora 42
Version : 135.0.7049.84
Release : 1.fc42
URL : http://www.chromium.org/Home
Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).
--------------------------------------------------------------------------------
Update Information:
Update to 135.0.7049.84
CVE-2025-3066: Use after free in Site Isolation
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 9 2025 Than Ngo [than@redhat.com] - 135.0.7049.84-1
- Update to 135.0.7049.84
* CVE-2025-3066: Use after free in Site Isolation
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-0f2d318242' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: trunk-0.21.13-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-3854530fd9
2025-04-15 17:58:27.649971+00:00
--------------------------------------------------------------------------------
Name : trunk
Product : Fedora 42
Version : 0.21.13
Release : 1.fc42
URL : https://github.com/trunk-rs/trunk
Summary : Build, bundle & ship your Rust WASM application to the web
Description :
Build, bundle & ship your Rust WASM application to the web.
--------------------------------------------------------------------------------
Update Information:
Update Trunk to v0.21.13
--------------------------------------------------------------------------------
ChangeLog:
* Tue Apr 8 2025 Jens Reimann [ctron@dentrassi.de] - 0.21.13-1
- Update Trunk to v0.21.13
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2357944 - CVE-2025-3416 trunk: rust-openssl Use-After-Free in `Md::fetch` and `Cipher::fetch` [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2357944
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-3854530fd9' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: lemonldap-ng-2.21.0-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-aacd0b82cc
2025-04-15 17:58:27.649905+00:00
--------------------------------------------------------------------------------
Name : lemonldap-ng
Product : Fedora 42
Version : 2.21.0
Release : 1.fc42
URL : https://lemonldap-ng.org
Summary : Web Single Sign On (SSO) and Access Management
Description :
LemonLdap::NG is a modular Web-SSO based on Apache::Session modules. It
simplifies the build of a protected area with a few changes in the
application. It manages both authentication and authorization and provides
headers for accounting.
So you can have a full AAA protection for your web space as described below.
--------------------------------------------------------------------------------
Update Information:
See https://projects.ow2.org/view/lemonldap-ng/lemonldap-ng-2-21-0-is-out/
--------------------------------------------------------------------------------
ChangeLog:
* Mon Apr 7 2025 Clement Oudot [clem.oudot@gmail.com] - 2.21.0-1
- Update to 2.21.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2357981 - lemonldap-ng-2.21.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2357981
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-aacd0b82cc' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 40 Update: mariadb10.11-10.11.11-1.fc40
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-e317a33d16
2025-04-15 19:19:49.588596+00:00
--------------------------------------------------------------------------------
Name : mariadb10.11
Product : Fedora 40
Version : 10.11.11
Release : 1.fc40
URL : http://mariadb.org
Summary : A very fast and robust SQL database server
Description :
MariaDB is a community developed fork from MySQL - a multi-user, multi-threaded
SQL database server. It is a client/server implementation consisting of
a server daemon (mariadbd) and many different client programs and libraries.
The base package contains the standard MariaDB/MySQL client programs and
utilities.
--------------------------------------------------------------------------------
Update Information:
MariaDB 10.11.11
Release notes: https://mariadb.com/kb/en/mariadb-10-11-11-release-notes/
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 5 2025 Michal Schorm [mschorm@redhat.com] - 3:10.11.11-1
- Rebase to 10.11.11
* Sat Feb 1 2025 Bj??rn Esser [besser82@fedoraproject.org] - 3:10.11.10-4
- Add explicit BR: libxcrypt-devel
* Fri Jan 17 2025 Fedora Release Engineering [releng@fedoraproject.org] - 3:10.11.10-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
* Fri Nov 29 2024 Timoth??e Ravier [tim@siosm.fr] - 3:10.11.10-2
- Split mariadb-access & mariadb-find-rows into a client-utils subpackage
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2351039 - CVE-2023-52969 mariadb10.11: MariaDB Server Crash Due to Empty Backtrace Log [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2351039
[ 2 ] Bug #2351041 - CVE-2023-52971 mariadb10.11: MariaDB Server Crash [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2351041
[ 3 ] Bug #2351043 - CVE-2023-52970 mariadb10.11: MariaDB Server Crash via Item_direct_view_ref [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2351043
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-e317a33d16' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
[SECURITY] Fedora 40 Update: dotnet9.0-9.0.104-1.fc40
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-78dcffbaa1
2025-04-15 19:19:49.588549+00:00
--------------------------------------------------------------------------------
Name : dotnet9.0
Product : Fedora 40
Version : 9.0.104
Release : 1.fc40
URL : https://github.com/dotnet/
Summary : .NET Runtime and SDK
Description :
.NET is a fast, lightweight and modular platform for creating
cross platform applications that work on Linux, macOS and Windows.
It particularly focuses on creating console applications, web
applications and micro-services.
.NET contains a runtime conforming to .NET Standards a set of
framework libraries, an SDK containing compilers and a 'dotnet'
application to drive everything.
--------------------------------------------------------------------------------
Update Information:
This is the monthly update for .NET 9 for March 2025.
Release Notes:
SDK: https://github.com/dotnet/core/blob/main/release-notes/9.0/9.0.3/9.0.104.md
Runtime: https://github.com/dotnet/core/blob/main/release-
notes/9.0/9.0.3/9.0.3.md
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 11 2025 Omair Majid [omajid@redhat.com] - 9.0.104-1
- Update to .NET SDK 9.0.104 and Runtime 9.0.3
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-78dcffbaa1' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 41 Update: golang-1.23.8-1.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-77ace1a41b
2025-04-15 18:33:59.718657+00:00
--------------------------------------------------------------------------------
Name : golang
Product : Fedora 41
Version : 1.23.8
Release : 1.fc41
URL : https://go.dev
Summary : The Go Programming Language
Description :
The Go Programming Language.
--------------------------------------------------------------------------------
Update Information:
Includes security fixes to the net/http package, as well as bug fixes to the
runtime and the go command. Full changelog.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Apr 14 2025 Packit [hello@packit.dev] - 1.23.8-1
- Update to 1.23.8 upstream release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2279816 - TRIAGE CVE-2024-24788 golang: net: malformed DNS message can cause infinite loop [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2279816
[ 2 ] Bug #2351948 - CVE-2025-22870 golang: HTTP Proxy bypass using IPv6 Zone IDs in golang.org/x/net [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2351948
[ 3 ] Bug #2358578 - CVE-2025-22871 golang: Request smuggling due to acceptance of invalid chunked data in net/http [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2358578
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-77ace1a41b' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: php-tcpdf-6.9.1-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-39c7a4c7ce
2025-04-15 17:58:27.649858+00:00
--------------------------------------------------------------------------------
Name : php-tcpdf
Product : Fedora 42
Version : 6.9.1
Release : 1.fc42
URL : http://www.tcpdf.org
Summary : PHP class for generating PDF documents and barcodes
Description :
PHP class for generating PDF documents.
* no external libraries are required for the basic functions;
* all standard page formats, custom page formats, custom margins and units
of measure;
* UTF-8 Unicode and Right-To-Left languages;
* TrueTypeUnicode, OpenTypeUnicode, TrueType, OpenType, Type1 and CID-0 fonts;
* font subsetting;
* methods to publish some XHTML + CSS code, Javascript and Forms;
* images, graphic (geometric figures) and transformation methods;
* supports JPEG, PNG and SVG images natively, all images supported by GD
(GD, GD2, GD2PART, GIF, JPEG, PNG, BMP, XBM, XPM) and all images supported
via ImagMagick (http: www.imagemagick.org/www/formats.html)
* 1D and 2D barcodes: CODE 39, ANSI MH10.8M-1983, USD-3, 3 of 9, CODE 93,
USS-93, Standard 2 of 5, Interleaved 2 of 5, CODE 128 A/B/C, 2 and 5 Digits
UPC-Based Extention, EAN 8, EAN 13, UPC-A, UPC-E, MSI, POSTNET, PLANET,
RMS4CC (Royal Mail 4-state Customer Code), CBC (Customer Bar Code),
KIX (Klant index - Customer index), Intelligent Mail Barcode, Onecode,
USPS-B-3200, CODABAR, CODE 11, PHARMACODE, PHARMACODE TWO-TRACKS,
Datamatrix ECC200, QR-Code, PDF417;
* ICC Color Profiles, Grayscale, RGB, CMYK, Spot Colors and Transparencies;
* automatic page header and footer management;
* document encryption up to 256 bit and digital signature certifications;
* transactions to UNDO commands;
* PDF annotations, including links, text and file attachments;
* text rendering modes (fill, stroke and clipping);
* multiple columns mode;
* no-write page regions;
* bookmarks and table of content;
* text hyphenation;
* text stretching and spacing (tracking/kerning);
* automatic page break, line break and text alignments including justification;
* automatic page numbering and page groups;
* move and delete pages;
* page compression (requires php-zlib extension);
* XOBject templates;
* PDF/A-1b (ISO 19005-1:2005) support.
By default, TCPDF uses the GD library which is know as slower than ImageMagick
solution. You can optionally install php-pecl-imagick; TCPDF will use it.
--------------------------------------------------------------------------------
Update Information:
Version 6.9.1 (2025-04-03)
Fixed Path Traversal security vulnerability reported by Positive Technologies.
Version 6.9.0 (2025-03-30)
Added PHP 8.4 testing.
Removed tcpdf_import.php and tcpdf_parser.php files (for a parser check the tc-
lib-pdf-parser project instead).
Fix composer.json.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Apr 7 2025 Remi Collet [remi@remirepo.net] - 6.9.1-1
- update to 6.9.1
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-39c7a4c7ce' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 41 Update: lemonldap-ng-2.21.0-1.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-273b88cf62
2025-04-15 18:33:59.718563+00:00
--------------------------------------------------------------------------------
Name : lemonldap-ng
Product : Fedora 41
Version : 2.21.0
Release : 1.fc41
URL : https://lemonldap-ng.org
Summary : Web Single Sign On (SSO) and Access Management
Description :
LemonLdap::NG is a modular Web-SSO based on Apache::Session modules. It
simplifies the build of a protected area with a few changes in the
application. It manages both authentication and authorization and provides
headers for accounting.
So you can have a full AAA protection for your web space as described below.
--------------------------------------------------------------------------------
Update Information:
See https://projects.ow2.org/view/lemonldap-ng/lemonldap-ng-2-21-0-is-out/
--------------------------------------------------------------------------------
ChangeLog:
* Mon Apr 7 2025 Clement Oudot [clem.oudot@gmail.com] - 2.21.0-1
- Update to 2.21.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2357981 - lemonldap-ng-2.21.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2357981
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-273b88cf62' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: podman-tui-1.5.0-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-8a7d23116e
2025-04-15 17:58:27.649671+00:00
--------------------------------------------------------------------------------
Name : podman-tui
Product : Fedora 42
Version : 1.5.0
Release : 1.fc42
URL : https://github.com/containers/podman-tui
Summary : Podman Terminal User Interface
Description :
podman-tui is a terminal user interface for Podman v4 and v5.
podman-tui is using podman.socket service to communicate with podman environment
and SSH to connect to remote podman machines.
--------------------------------------------------------------------------------
Update Information:
release 1.5.0
--------------------------------------------------------------------------------
ChangeLog:
* Sun Apr 6 2025 Navid Yaghoobi [navidys@fedoraproject.org] - 1.5.0-1
- release v1.5.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2350799 - CVE-2025-22869 podman-tui: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2350799
[ 2 ] Bug #2350842 - CVE-2025-22869 podman-tui: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2350842
[ 3 ] Bug #2352104 - CVE-2025-22870 podman-tui: HTTP Proxy bypass using IPv6 Zone IDs in golang.org/x/net [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2352104
[ 4 ] Bug #2352324 - CVE-2025-22870 podman-tui: HTTP Proxy bypass using IPv6 Zone IDs in golang.org/x/net [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2352324
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-8a7d23116e' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 41 Update: php-tcpdf-6.9.1-1.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-85549e07c8
2025-04-15 18:33:59.718518+00:00
--------------------------------------------------------------------------------
Name : php-tcpdf
Product : Fedora 41
Version : 6.9.1
Release : 1.fc41
URL : http://www.tcpdf.org
Summary : PHP class for generating PDF documents and barcodes
Description :
PHP class for generating PDF documents.
* no external libraries are required for the basic functions;
* all standard page formats, custom page formats, custom margins and units
of measure;
* UTF-8 Unicode and Right-To-Left languages;
* TrueTypeUnicode, OpenTypeUnicode, TrueType, OpenType, Type1 and CID-0 fonts;
* font subsetting;
* methods to publish some XHTML + CSS code, Javascript and Forms;
* images, graphic (geometric figures) and transformation methods;
* supports JPEG, PNG and SVG images natively, all images supported by GD
(GD, GD2, GD2PART, GIF, JPEG, PNG, BMP, XBM, XPM) and all images supported
via ImagMagick (http: www.imagemagick.org/www/formats.html)
* 1D and 2D barcodes: CODE 39, ANSI MH10.8M-1983, USD-3, 3 of 9, CODE 93,
USS-93, Standard 2 of 5, Interleaved 2 of 5, CODE 128 A/B/C, 2 and 5 Digits
UPC-Based Extention, EAN 8, EAN 13, UPC-A, UPC-E, MSI, POSTNET, PLANET,
RMS4CC (Royal Mail 4-state Customer Code), CBC (Customer Bar Code),
KIX (Klant index - Customer index), Intelligent Mail Barcode, Onecode,
USPS-B-3200, CODABAR, CODE 11, PHARMACODE, PHARMACODE TWO-TRACKS,
Datamatrix ECC200, QR-Code, PDF417;
* ICC Color Profiles, Grayscale, RGB, CMYK, Spot Colors and Transparencies;
* automatic page header and footer management;
* document encryption up to 256 bit and digital signature certifications;
* transactions to UNDO commands;
* PDF annotations, including links, text and file attachments;
* text rendering modes (fill, stroke and clipping);
* multiple columns mode;
* no-write page regions;
* bookmarks and table of content;
* text hyphenation;
* text stretching and spacing (tracking/kerning);
* automatic page break, line break and text alignments including justification;
* automatic page numbering and page groups;
* move and delete pages;
* page compression (requires php-zlib extension);
* XOBject templates;
* PDF/A-1b (ISO 19005-1:2005) support.
By default, TCPDF uses the GD library which is know as slower than ImageMagick
solution. You can optionally install php-pecl-imagick; TCPDF will use it.
--------------------------------------------------------------------------------
Update Information:
Version 6.9.1 (2025-04-03)
Fixed Path Traversal security vulnerability reported by Positive Technologies.
Version 6.9.0 (2025-03-30)
Added PHP 8.4 testing.
Removed tcpdf_import.php and tcpdf_parser.php files (for a parser check the tc-
lib-pdf-parser project instead).
Fix composer.json.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Apr 7 2025 Remi Collet [remi@remirepo.net] - 6.9.1-1
- update to 6.9.1
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-85549e07c8' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 41 Update: perl-DBIx-Class-EncodedColumn-0.11000-1.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-0a8c805972
2025-04-15 18:33:59.718501+00:00
--------------------------------------------------------------------------------
Name : perl-DBIx-Class-EncodedColumn
Product : Fedora 41
Version : 0.11000
Release : 1.fc41
URL : https://metacpan.org/release/DBIx-Class-EncodedColumn
Summary : Automatically encode columns
Description :
This DBIx::Class component can be used to automatically encode a column's
--------------------------------------------------------------------------------
Update Information:
Needed for perl-DBIx-Class-EncodedColumn-0.11
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 28 2025 Jitka Plesnikova [jplesnik@redhat.com] - 0.11000-1
- 0.11 bump (rhbz#2354882)
- Fix CVE-2025-27552
- Package tests
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2355243 - CVE-2025-27551 perl-DBIx-Class-EncodedColumn: DBIx::Class::EncodedColumn until 0.00032 for Perl uses insecure rand() function for salting password hashes in Digest.pm [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2355243
[ 2 ] Bug #2355245 - CVE-2025-27552 perl-DBIx-Class-EncodedColumn: DBIx::Class::EncodedColumn until 0.00032 for Perl uses insecure rand() function for salting password hashes in Crypt/Eksblowfish/Bcrypt.pm [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2355245
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-0a8c805972' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 41 Update: perl-Crypt-URandom-Token-0.003-1.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-0a8c805972
2025-04-15 18:33:59.718501+00:00
--------------------------------------------------------------------------------
Name : perl-Crypt-URandom-Token
Product : Fedora 41
Version : 0.003
Release : 1.fc41
URL : https://metacpan.org/dist/Crypt-URandom-Token
Summary : Generate secure strings for passwords, secrets and similar
Description :
This module provides a secure way to generate a random token for passwords
and similar using Crypt::URandom as the source of random bits.
--------------------------------------------------------------------------------
Update Information:
Needed for perl-DBIx-Class-EncodedColumn-0.11
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 28 2025 Jitka Plesnikova [jplesnik@redhat.com] 0.003-1
- Specfile autogenerated by cpanspec 1.78.
- Package tests
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2355243 - CVE-2025-27551 perl-DBIx-Class-EncodedColumn: DBIx::Class::EncodedColumn until 0.00032 for Perl uses insecure rand() function for salting password hashes in Digest.pm [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2355243
[ 2 ] Bug #2355245 - CVE-2025-27552 perl-DBIx-Class-EncodedColumn: DBIx::Class::EncodedColumn until 0.00032 for Perl uses insecure rand() function for salting password hashes in Crypt/Eksblowfish/Bcrypt.pm [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2355245
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-0a8c805972' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: dotnet9.0-9.0.104-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-a4aedd0b23
2025-04-15 17:58:27.649498+00:00
--------------------------------------------------------------------------------
Name : dotnet9.0
Product : Fedora 42
Version : 9.0.104
Release : 1.fc42
URL : https://github.com/dotnet/
Summary : .NET Runtime and SDK
Description :
.NET is a fast, lightweight and modular platform for creating
cross platform applications that work on Linux, macOS and Windows.
It particularly focuses on creating console applications, web
applications and micro-services.
.NET contains a runtime conforming to .NET Standards a set of
framework libraries, an SDK containing compilers and a 'dotnet'
application to drive everything.
--------------------------------------------------------------------------------
Update Information:
This is the monthly update for .NET 9 for March 2025.
Release Notes:
SDK: https://github.com/dotnet/core/blob/main/release-notes/9.0/9.0.3/9.0.104.md
Runtime: https://github.com/dotnet/core/blob/main/release-
notes/9.0/9.0.3/9.0.3.md
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 11 2025 Omair Majid [omajid@redhat.com] - 9.0.104-1
- Update to .NET SDK 9.0.104 and Runtime 9.0.3
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-a4aedd0b23' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 41 Update: dotnet9.0-9.0.104-1.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-2edd9dc83b
2025-04-15 18:33:59.718191+00:00
--------------------------------------------------------------------------------
Name : dotnet9.0
Product : Fedora 41
Version : 9.0.104
Release : 1.fc41
URL : https://github.com/dotnet/
Summary : .NET Runtime and SDK
Description :
.NET is a fast, lightweight and modular platform for creating
cross platform applications that work on Linux, macOS and Windows.
It particularly focuses on creating console applications, web
applications and micro-services.
.NET contains a runtime conforming to .NET Standards a set of
framework libraries, an SDK containing compilers and a 'dotnet'
application to drive everything.
--------------------------------------------------------------------------------
Update Information:
This is the monthly update for .NET 9 for March 2025.
Release Notes:
SDK: https://github.com/dotnet/core/blob/main/release-notes/9.0/9.0.3/9.0.104.md
Runtime: https://github.com/dotnet/core/blob/main/release-
notes/9.0/9.0.3/9.0.3.md
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 11 2025 Omair Majid [omajid@redhat.com] - 9.0.104-1
- Update to .NET SDK 9.0.104 and Runtime 9.0.3
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-2edd9dc83b' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 41 Update: podman-tui-1.5.0-1.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-f1d2ae375e
2025-04-15 18:33:59.718341+00:00
--------------------------------------------------------------------------------
Name : podman-tui
Product : Fedora 41
Version : 1.5.0
Release : 1.fc41
URL : https://github.com/containers/podman-tui
Summary : Podman Terminal User Interface
Description :
podman-tui is a terminal user interface for Podman v4 and v5.
podman-tui is using podman.socket service to communicate with podman environment
and SSH to connect to remote podman machines.
--------------------------------------------------------------------------------
Update Information:
release 1.5.0
--------------------------------------------------------------------------------
ChangeLog:
* Sun Apr 6 2025 Navid Yaghoobi [navidys@fedoraproject.org] - 1.5.0-1
- release v1.5.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2350799 - CVE-2025-22869 podman-tui: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2350799
[ 2 ] Bug #2350842 - CVE-2025-22869 podman-tui: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2350842
[ 3 ] Bug #2352104 - CVE-2025-22870 podman-tui: HTTP Proxy bypass using IPv6 Zone IDs in golang.org/x/net [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2352104
[ 4 ] Bug #2352324 - CVE-2025-22870 podman-tui: HTTP Proxy bypass using IPv6 Zone IDs in golang.org/x/net [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2352324
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-f1d2ae375e' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
