Fedora 41 Update: docker-buildx-0.30.1-1.fc41
Fedora 41 Update: docker-buildkit-0.26.1-1.fc41
Fedora 42 Update: docker-buildkit-0.26.1-1.fc42
Fedora 43 Update: 7zip-25.01-1.fc43
[SECURITY] Fedora 41 Update: docker-buildx-0.30.1-1.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-6e24679a4d
2025-11-27 01:12:49.648162+00:00
--------------------------------------------------------------------------------
Name : docker-buildx
Product : Fedora 41
Version : 0.30.1
Release : 1.fc41
URL : https://github.com/docker/buildx
Summary : Docker CLI plugin for extended build capabilities with BuildKit
Description :
Docker CLI plugin for extended build capabilities with BuildKit.
--------------------------------------------------------------------------------
Update Information:
Update to release v0.30.1
Upstream fix
Update to release v0.30.0
Resolves: rhbz#2413270
Resolves: rhbz#2407614, rhbz#2407881, rhbz#2408158, rhbz#2409066
Resolves: rhbz#2409350, rhbz#2409628, rhbz#2410014, rhbz#2410300
Resolves: rhbz#2410579, rhbz#2410946, rhbz#2411477, rhbz#2412381
Resolves: rhbz#2412530, rhbz#2412682, rhbz#2412762
Upstream new features and fixes
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 17 2025 Bradley G Smith [bradley.g.smith@gmail.com] - 0.30.1-1
- Update to release v0.30.1
- Upstream fix
* Wed Nov 12 2025 Bradley G Smith [bradley.g.smith@gmail.com] - 0.30.0-1
- Update to release v0.30.0
- Resolves: rhbz#2413270
- Resolves: rhbz#2407614, rhbz#2407881, rhbz#2408158, rhbz#2409066
- Resolves: rhbz#2409350, rhbz#2409628, rhbz#2410014, rhbz#2410300
- Resolves: rhbz#2410579, rhbz#2410946, rhbz#2411477, rhbz#2412381
- Resolves: rhbz#2412530, rhbz#2412682, rhbz#2412762
- Upstream new features and fixes
* Fri Oct 10 2025 Alejandro S??ez [asm@redhat.com] - 0.29.1-2
- rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2407614 - CVE-2025-58189 docker-buildx: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2407614
[ 2 ] Bug #2407881 - CVE-2025-58189 docker-buildx: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2407881
[ 3 ] Bug #2408158 - CVE-2025-58189 docker-buildx: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408158
[ 4 ] Bug #2409066 - CVE-2025-61723 docker-buildx: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2409066
[ 5 ] Bug #2409350 - CVE-2025-61723 docker-buildx: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2409350
[ 6 ] Bug #2409628 - CVE-2025-61723 docker-buildx: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2409628
[ 7 ] Bug #2410014 - CVE-2025-58185 docker-buildx: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2410014
[ 8 ] Bug #2410300 - CVE-2025-58185 docker-buildx: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2410300
[ 9 ] Bug #2410579 - CVE-2025-58185 docker-buildx: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2410579
[ 10 ] Bug #2410946 - CVE-2025-58188 docker-buildx: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2410946
[ 11 ] Bug #2411477 - CVE-2025-58188 docker-buildx: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2411477
[ 12 ] Bug #2412381 - CVE-2025-58188 docker-buildx: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2412381
[ 13 ] Bug #2412530 - CVE-2025-58183 docker-buildx: Unbounded allocation when parsing GNU sparse map [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2412530
[ 14 ] Bug #2412682 - CVE-2025-58183 docker-buildx: Unbounded allocation when parsing GNU sparse map [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2412682
[ 15 ] Bug #2412762 - CVE-2025-58183 docker-buildx: Unbounded allocation when parsing GNU sparse map [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2412762
[ 16 ] Bug #2413270 - docker-buildx-0.30.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2413270
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-6e24679a4d' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
[SECURITY] Fedora 41 Update: docker-buildkit-0.26.1-1.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-1ccd7dbf40
2025-11-27 01:12:49.648185+00:00
--------------------------------------------------------------------------------
Name : docker-buildkit
Product : Fedora 41
Version : 0.26.1
Release : 1.fc41
URL : https://github.com/moby/buildkit
Summary : Concurrent, cache-efficient, and Dockerfile-agnostic builder toolkit
Description :
Concurrent, cache-efficient, and Dockerfile-agnostic builder toolkit.
--------------------------------------------------------------------------------
Update Information:
Update to release v0.26.1
Update to release v0.26.0
Resolves: rhbz#2412681, rhbz#2412761
Upstream new features and fixes
dependency override for moby/policy-helper needed for license (default
version does not a a license file)
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 17 2025 Bradley G Smith [bradley.g.smith@gmail.com] - 0.26.1-1
- Update to release v0.26.1
- Upstream fixes
* Thu Nov 13 2025 Bradley G Smith [bradley.g.smith@gmail.com] - 0.26.0-1
- Update to release v0.26.0
- Resolves: rhbz#2412681, rhbz#2412761
- Upstream new features and fixes
- dependency override for moby/policy-helper needed for license (default
version does not a a license file)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2412681 - CVE-2025-58183 docker-buildkit: Unbounded allocation when parsing GNU sparse map [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2412681
[ 2 ] Bug #2412761 - CVE-2025-58183 docker-buildkit: Unbounded allocation when parsing GNU sparse map [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2412761
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-1ccd7dbf40' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: docker-buildkit-0.26.1-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-308cf4259b
2025-11-27 00:59:47.652700+00:00
--------------------------------------------------------------------------------
Name : docker-buildkit
Product : Fedora 42
Version : 0.26.1
Release : 1.fc42
URL : https://github.com/moby/buildkit
Summary : Concurrent, cache-efficient, and Dockerfile-agnostic builder toolkit
Description :
Concurrent, cache-efficient, and Dockerfile-agnostic builder toolkit.
--------------------------------------------------------------------------------
Update Information:
Update to release v0.26.1
Update to release v0.26.0
Resolves: rhbz#2412681, rhbz#2412761
Upstream new features and fixes
dependency override for moby/policy-helper needed for license (default
version does not a a license file)c
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 17 2025 Bradley G Smith [bradley.g.smith@gmail.com] - 0.26.1-1
- Update to release v0.26.1
- Upstream fixes
* Thu Nov 13 2025 Bradley G Smith [bradley.g.smith@gmail.com] - 0.26.0-1
- Update to release v0.26.0
- Resolves: rhbz#2412681, rhbz#2412761
- Upstream new features and fixes
- dependency override for moby/policy-helper needed for license (default
version does not a a license file)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2412681 - CVE-2025-58183 docker-buildkit: Unbounded allocation when parsing GNU sparse map [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2412681
[ 2 ] Bug #2412761 - CVE-2025-58183 docker-buildkit: Unbounded allocation when parsing GNU sparse map [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2412761
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-308cf4259b' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 43 Update: 7zip-25.01-1.fc43
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-b6422d64f9
2025-11-27 00:46:38.116127+00:00
--------------------------------------------------------------------------------
Name : 7zip
Product : Fedora 43
Version : 25.01
Release : 1.fc43
URL : https://7-zip.org
Summary : A file archiver
Description :
7-Zip is a file archiver with a high compression ratio. The main features
of 7-Zip are:
* High compression ratio in 7z format with LZMA and LZMA2 compression
* Supported formats:
* Packing / unpacking: 7z, XZ, BZIP2, GZIP, TAR, ZIP and WIM
* Unpacking only: AR, ARJ, CAB, CHM, CPIO, CramFS, DMG, EXT, FAT,
GPT, HFS, IHEX, ISO, LZH, LZMA, MBR, MSI, NSIS, NTFS, QCOW2,
RPM, SquashFS, UDF, UEFI, VDI, VHD, VMDK, WIM, XAR and Z.
* For ZIP and GZIP formats, 7-Zip provides a compression ratio that is
2-10 % better than the ratio provided by PKZip and WinZip
* Strong AES-256 encryption in 7z and ZIP formats
* Powerful command line version
--------------------------------------------------------------------------------
Update Information:
Various CVE fixes, most importantly CVE-2025-11001
This also backports the Debian patch (PR unfortunately stalled upstream, with no
communication from upstream developers) to not echo passwords when dealing with
encrypted archives.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 26 2025 Michel Lind [salimma@fedoraproject.org] - 25.01-1
- Update to 25.01
- 25.00+ fixes CVE-2025-11001; Resolves: rhbz#2416011
- Backport Debian patch to disable echo-ing password; Resolves:
rhbz#2412315
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2376517 - 7zip-25.01 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2376517
[ 2 ] Bug #2381822 - CVE-2025-53817 7zip: 7-Zip Null pointer array write [epel-10]
https://bugzilla.redhat.com/show_bug.cgi?id=2381822
[ 3 ] Bug #2381825 - CVE-2025-53816 7zip: 7-Zip heap buffer overflow [epel-10]
https://bugzilla.redhat.com/show_bug.cgi?id=2381825
[ 4 ] Bug #2387643 - CVE-2025-55188 7zip: 7-Zip Symbolic Link Extraction Vulnerability [epel-10]
https://bugzilla.redhat.com/show_bug.cgi?id=2387643
[ 5 ] Bug #2412315 - 7z echoes a supplied password
https://bugzilla.redhat.com/show_bug.cgi?id=2412315
[ 6 ] Bug #2416899 - CVE-2025-11001 7zip: 7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability [epel-10]
https://bugzilla.redhat.com/show_bug.cgi?id=2416899
[ 7 ] Bug #2416900 - CVE-2025-11001 7zip: 7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2416900
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-b6422d64f9' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
