Fedora Linux has been updated with various security enhancements, including gnutls, linux-firmware, salt, mingw-python-requests, and mingw-djvulibre:

Fedora 41 Update: gnutls-3.8.10-1.fc41
Fedora 41 Update: linux-firmware-20250708-1.fc41
Fedora 42 Update: salt-3007.5-2.fc42
Fedora 42 Update: mingw-python-requests-2.32.4-1.fc42
Fedora 42 Update: mingw-djvulibre-3.5.29-1.fc42

[SECURITY] Fedora 41 Update: gnutls-3.8.10-1.fc41

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-814d6183dd
2025-07-15 02:06:03.546166+00:00
--------------------------------------------------------------------------------

Name : gnutls
Product : Fedora 41
Version : 3.8.10
Release : 1.fc41
URL : http://www.gnutls.org/
Summary : A TLS protocol implementation
Description :
GnuTLS is a secure communications library implementing the SSL, TLS and DTLS
protocols and technologies around them. It provides a simple C language
application programming interface (API) to access the secure communications
protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and
other required structures.

--------------------------------------------------------------------------------
Update Information:

This updates gnutls to the latest upstream release. Notable changes are:
PKCS#11 cryptographic provider support
Support for kTLS rekeying with kernel 6.14+
Support for the almost standardized ML-DSA private key formats
This also fixes 4 CVEs.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jul 11 2025 Daiki Ueno [dueno@redhat.com] - 3.8.10-1
- Update to 3.8.10 upstream release
* Fri Jul 11 2025 Yaakov Selkowitz [yselkowi@redhat.com] - 3.8.9-4
- Fix build on kernel 6.14+
* Fri Jul 11 2025 Daiki Ueno [dueno@redhat.com] - 3.8.9-3
- Update leancrypto to 1.3.0
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2378952 - gnutls-3.8.10 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2378952
[ 2 ] Bug #2379272 - CVE-2025-32990 gnutls: Vulnerability in GnuTLS certtool template parsing [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2379272
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-814d6183dd' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--

[SECURITY] Fedora 41 Update: linux-firmware-20250708-1.fc41

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-1c5013e137
2025-07-15 02:06:03.546156+00:00
--------------------------------------------------------------------------------

Name : linux-firmware
Product : Fedora 41
Version : 20250708
Release : 1.fc41
URL : http://www.kernel.org/
Summary : Firmware files used by the Linux kernel
Description :
This package includes firmware files required for some devices to
operate.

--------------------------------------------------------------------------------
Update Information:

Update to 20250708:
Drop incorrect nvidia ghost entries
xe: Add fan_control v203.0.0.0 for BMG
Update AMD cpu microcode
amdgpu: Add DCN 3.6/PSP 14.0.5/SDMA 6.1.3/GC 11.5.3
mediatek MT7921: update bluetooth firmware to 20250625154126
qcom/adreno: document firmware revisions
qcom/adreno: move A610 and A702 ZAP files to Adreno driver section
qcom: Add sdx61 Foxconn vendor firmware image file
Revert "Update firmware file for Intel Pulsar core"
xe: First GuC/HuC release for Pantherlake
update firmware for MT7921 WiFi device
rtw89: 8922a: update fw to v0.35.80.0
rtw89: 8852c: update fw to v0.27.129.1
rtw89: 8852c: update fw to v0.27.128.0
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jul 8 2025 Peter Robinson [pbrobinson@fedoraproject.org] - 20250708-1
- Update to 20250708
- Drop incorrect nvidia ghost entries
- xe: Add fan_control v203.0.0.0 for BMG
- Update AMD cpu microcode
- amdgpu: Add DCN 3.6/PSP 14.0.5/SDMA 6.1.3/GC 11.5.3
- mediatek MT7921: update bluetooth firmware to 20250625154126
- qcom/adreno: document firmware revisions
- qcom/adreno: move A610 and A702 ZAP files to Adreno driver section
- qcom: Add sdx61 Foxconn vendor firmware image file
- Revert "Update firmware file for Intel Pulsar core"
- xe: First GuC/HuC release for Pantherlake
- update firmware for MT7921 WiFi device
- rtw89: 8922a: update fw to v0.35.80.0
- rtw89: 8852c: update fw to v0.27.129.1
- rtw89: 8852c: update fw to v0.27.128.0
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2375308 - Nouveau doesn't work
https://bugzilla.redhat.com/show_bug.cgi?id=2375308
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-1c5013e137' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--

[SECURITY] Fedora 42 Update: salt-3007.5-2.fc42

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-c903306aee
2025-07-14 22:50:39.623997+00:00
--------------------------------------------------------------------------------

Name : salt
Product : Fedora 42
Version : 3007.5
Release : 2.fc42
URL : https://saltproject.io/
Summary : A parallel remote execution system
Description :
Salt is a distributed remote execution system used to execute commands and
query data. It was developed in order to bring the best solutions found in
the world of remote execution together and make them better, faster and more
malleable. Salt accomplishes this via its ability to handle larger loads of
information, and not just dozens, but hundreds or even thousands of individual
servers, handle them quickly and through a simple and manageable interface.

--------------------------------------------------------------------------------
Update Information:

Contains fixes for regressions introduced during CVE bugfix update (3007.4).
--------------------------------------------------------------------------------
ChangeLog:

* Sat Jul 5 2025 Robby Callicotte [rcallicotte@fedoraproject.org] - 3007.5-1
- Updated to 3007.5
- Resolves RHBZ#2375105
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2372777 - CVE-2025-22238 salt: Directory traversal in salt project [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2372777
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-c903306aee' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--

[SECURITY] Fedora 42 Update: mingw-python-requests-2.32.4-1.fc42

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-5ea2b69c03
2025-07-14 22:50:39.623984+00:00
--------------------------------------------------------------------------------

Name : mingw-python-requests
Product : Fedora 42
Version : 2.32.4
Release : 1.fc42
URL : https://requests.readthedocs.io/
Summary : MinGW Windows Python requests library
Description :
MinGW Windows Python requests.

--------------------------------------------------------------------------------
Update Information:

Update to 2.32.4. Fixes CVE-2024-47081.
--------------------------------------------------------------------------------
ChangeLog:

* Sat Jul 5 2025 Sandro Mani [manisandro@gmail.com] - 2.32.4-1
- Update to 2.32.4
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2375883 - CVE-2024-47081 mingw-python-requests: Requests vulnerable to .netrc credentials leak via malicious URLs [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2375883
[ 2 ] Bug #2375885 - CVE-2024-47081 mingw-python-requests: Requests vulnerable to .netrc credentials leak via malicious URLs [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2375885
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-5ea2b69c03' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--

[SECURITY] Fedora 42 Update: mingw-djvulibre-3.5.29-1.fc42

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-e286662e59
2025-07-14 22:50:39.623986+00:00
--------------------------------------------------------------------------------

Name : mingw-djvulibre
Product : Fedora 42
Version : 3.5.29
Release : 1.fc42
URL : http://djvu.sourceforge.net/
Summary : MinGW Windows djvulibre library
Description :
MinGW Windows djvulibre library.

--------------------------------------------------------------------------------
Update Information:

Update to 3.5.29, fixes CVE-2025-53367.
--------------------------------------------------------------------------------
ChangeLog:

* Sat Jul 5 2025 Sandro Mani [manisandro@gmail.com] - 3.5.29-1
- Update to 3.5.29
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2376252 - CVE-2025-53367 mingw-djvulibre: DjVuLibre out of bounds write [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2376252
[ 2 ] Bug #2376254 - CVE-2025-53367 mingw-djvulibre: DjVuLibre out of bounds write [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2376254
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-e286662e59' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--