Fedora 41 Update: loupe-47.4-2.fc41
Fedora 41 Update: rust-matchers-0.2.0-1.fc41
Fedora 41 Update: rust-tracing-subscriber-0.3.20-1.fc41
Fedora 42 Update: podman-5.6.1-1.fc42
Fedora 42 Update: containers-common-0.64.2-1.fc42
Fedora 42 Update: buildah-1.41.4-1.fc42
Fedora 42 Update: glycin-1.2.3-5.fc42
Fedora 42 Update: loupe-48.1-2.fc42
Fedora 42 Update: rust-matchers-0.2.0-1.fc42
Fedora 42 Update: rust-tracing-subscriber-0.3.20-1.fc42
[SECURITY] Fedora 41 Update: loupe-47.4-2.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-458d5882a1
2025-09-10 01:28:04.551448+00:00
--------------------------------------------------------------------------------
Name : loupe
Product : Fedora 41
Version : 47.4
Release : 2.fc41
URL : https://gitlab.gnome.org/GNOME/loupe
Summary : Image viewer
Description :
An image viewer application written with GTK 4, Libadwaita and Rust.
Features:
- Fast GPU accelerated image rendering with tiled rendering for SVGs
- Extendable and sandboxed (expect SVG) image decoding
- Support for more than 15 image formats by default
- Extensive support for touchpad and touchscreen gestures
- Accessible presentation of the most important metadata
- Sleek but powerful interface developed in conjunction with GNOME Human
Interface Guidelines
--------------------------------------------------------------------------------
Update Information:
Rebuild with tracing-subscriber v0.3.20 for CVE-2025-58160.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 3 2025 Fabio Valentini [decathorpe@gmail.com] - 47.4-2
- Rebuild with tracing-subscriber v0.3.20 for CVE-2025-58160
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2392037 - CVE-2025-58160 loupe: Tracing log pollution [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2392037
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-458d5882a1' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 41 Update: rust-matchers-0.2.0-1.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-874b407d96
2025-09-10 01:28:04.551440+00:00
--------------------------------------------------------------------------------
Name : rust-matchers
Product : Fedora 41
Version : 0.2.0
Release : 1.fc41
URL : https://crates.io/crates/matchers
Summary : Regex matching on character and byte streams
Description :
Regex matching on character and byte streams.
--------------------------------------------------------------------------------
Update Information:
Update the tracing-subscriber crate to version 0.3.20.
Update the matchers crate to version 0.2.0.
This update also includes a fix for CVE-2025-58160. Rebuilds of dependent
applications will be coordinated separately from this update.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 1 2025 Fabio Valentini [decathorpe@gmail.com] - 0.2.0-1
- Update to version 0.2.0; Fixes RHBZ#2295530
* Fri Jul 25 2025 Fedora Release Engineering [releng@fedoraproject.org] - 0.1.0-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Sun Jan 19 2025 Fedora Release Engineering [releng@fedoraproject.org] - 0.1.0-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2392008 - CVE-2025-58160 rust-tracing-subscriber: Tracing log pollution [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2392008
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-874b407d96' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 41 Update: rust-tracing-subscriber-0.3.20-1.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-874b407d96
2025-09-10 01:28:04.551440+00:00
--------------------------------------------------------------------------------
Name : rust-tracing-subscriber
Product : Fedora 41
Version : 0.3.20
Release : 1.fc41
URL : https://crates.io/crates/tracing-subscriber
Summary : Utilities for implementing and composing tracing subscribers
Description :
Utilities for implementing and composing `tracing` subscribers.
--------------------------------------------------------------------------------
Update Information:
Update the tracing-subscriber crate to version 0.3.20.
Update the matchers crate to version 0.2.0.
This update also includes a fix for CVE-2025-58160. Rebuilds of dependent
applications will be coordinated separately from this update.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 1 2025 Fabio Valentini [decathorpe@gmail.com] - 0.3.20-1
- Update to version 0.3.20; Fixes RHBZ#2391912
* Fri Jul 25 2025 Fedora Release Engineering [releng@fedoraproject.org] - 0.3.19-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Sun Jan 19 2025 Fedora Release Engineering [releng@fedoraproject.org] - 0.3.19-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2392008 - CVE-2025-58160 rust-tracing-subscriber: Tracing log pollution [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2392008
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-874b407d96' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: podman-5.6.1-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-19f7dd07d9
2025-09-10 00:51:50.217478+00:00
--------------------------------------------------------------------------------
Name : podman
Product : Fedora 42
Version : 5.6.1
Release : 1.fc42
URL : https://podman.io/
Summary : Manage Pods, Containers and Container Images
Description :
podman (Pod Manager) is a fully featured container engine that is a simple
daemonless tool. podman provides a Docker-CLI comparable command line that
eases the transition from other container engines and allows the management of
pods, containers and images. Simply put: alias docker=podman.
Most podman commands can be run as a regular user, without requiring
additional privileges.
podman uses Buildah(1) internally to create container images.
Both tools share image (not container) storage, hence each can use or
manipulate images (but not containers) created by the other.
--------------------------------------------------------------------------------
Update Information:
Security update for CVE-2025-9566
Automatic update for containers-common-0.64.2-1.fc42, podman-5.6.1-1.fc42,
buildah-1.41.4-1.fc42.
Changelog for containers-common
* Wed Sep 03 2025 Packit [hello@packit.dev] - 5:0.64.2-1
- Update to 0.64.2 upstream release
Changelog for podman
* Thu Sep 04 2025 Packit [hello@packit.dev] - 5:5.6.1-1
- Update to 5.6.1 upstream release
Changelog for buildah
* Thu Sep 04 2025 Packit [hello@packit.dev] - 2:1.41.4-1
- Update to 1.41.4 upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 4 2025 Packit [hello@packit.dev] - 5:5.6.1-1
- Update to 5.6.1 upstream release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2393154 - CVE-2025-9566 podman: Podman kube play command may overwrite host files [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2393154
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-19f7dd07d9' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: containers-common-0.64.2-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-19f7dd07d9
2025-09-10 00:51:50.217478+00:00
--------------------------------------------------------------------------------
Name : containers-common
Product : Fedora 42
Version : 0.64.2
Release : 1.fc42
URL : https://github.com/containers/common
Summary : Common configuration and documentation for containers
Description :
This package contains common configuration files and documentation for container
tools ecosystem, such as Podman, Buildah and Skopeo.
It is required because the most of configuration files and docs come from projects
which are vendored into Podman, Buildah, Skopeo, etc. but they are not packaged
separately.
--------------------------------------------------------------------------------
Update Information:
Security update for CVE-2025-9566
Automatic update for containers-common-0.64.2-1.fc42, podman-5.6.1-1.fc42,
buildah-1.41.4-1.fc42.
Changelog for containers-common
* Wed Sep 03 2025 Packit [hello@packit.dev] - 5:0.64.2-1
- Update to 0.64.2 upstream release
Changelog for podman
* Thu Sep 04 2025 Packit [hello@packit.dev] - 5:5.6.1-1
- Update to 5.6.1 upstream release
Changelog for buildah
* Thu Sep 04 2025 Packit [hello@packit.dev] - 2:1.41.4-1
- Update to 1.41.4 upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 3 2025 Packit [hello@packit.dev] - 5:0.64.2-1
- Update to 0.64.2 upstream release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2393154 - CVE-2025-9566 podman: Podman kube play command may overwrite host files [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2393154
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-19f7dd07d9' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: buildah-1.41.4-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-19f7dd07d9
2025-09-10 00:51:50.217478+00:00
--------------------------------------------------------------------------------
Name : buildah
Product : Fedora 42
Version : 1.41.4
Release : 1.fc42
URL : https://buildah.io
Summary : A command line tool used for creating OCI Images
Description :
The buildah package provides a command line tool which can be used to
* create a working container from scratch
or
* create a working container from an image as a starting point
* mount/umount a working container's root file system for manipulation
* save container's root file system layer to create a new image
* delete a working container or an image
--------------------------------------------------------------------------------
Update Information:
Security update for CVE-2025-9566
Automatic update for containers-common-0.64.2-1.fc42, podman-5.6.1-1.fc42,
buildah-1.41.4-1.fc42.
Changelog for containers-common
* Wed Sep 03 2025 Packit [hello@packit.dev] - 5:0.64.2-1
- Update to 0.64.2 upstream release
Changelog for podman
* Thu Sep 04 2025 Packit [hello@packit.dev] - 5:5.6.1-1
- Update to 5.6.1 upstream release
Changelog for buildah
* Thu Sep 04 2025 Packit [hello@packit.dev] - 2:1.41.4-1
- Update to 1.41.4 upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 4 2025 Packit [hello@packit.dev] - 2:1.41.4-1
- Update to 1.41.4 upstream release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2393154 - CVE-2025-9566 podman: Podman kube play command may overwrite host files [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2393154
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-19f7dd07d9' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: glycin-1.2.3-5.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-e78a1c26fe
2025-09-10 00:51:50.217469+00:00
--------------------------------------------------------------------------------
Name : glycin
Product : Fedora 42
Version : 1.2.3
Release : 5.fc42
URL : https://gitlab.gnome.org/GNOME/glycin
Summary : Sandboxed image rendering
Description :
Sandboxed and extendable image decoding.
--------------------------------------------------------------------------------
Update Information:
Rebuild with tracing-subscriber v0.3.20 for CVE-2025-58160.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 3 2025 Fabio Valentini [decathorpe@gmail.com] - 1.2.3-5
- Rebuild with tracing-subscriber v0.3.20 for CVE-2025-58160
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2392032 - CVE-2025-58160 glycin: Tracing log pollution [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2392032
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-e78a1c26fe' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: loupe-48.1-2.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-ad9f520c95
2025-09-10 00:51:50.217464+00:00
--------------------------------------------------------------------------------
Name : loupe
Product : Fedora 42
Version : 48.1
Release : 2.fc42
URL : https://gitlab.gnome.org/GNOME/loupe
Summary : Image viewer
Description :
An image viewer application written with GTK 4, Libadwaita and Rust.
Features:
- Fast GPU accelerated image rendering with tiled rendering for SVGs
- Extendable and sandboxed (expect SVG) image decoding
- Support for more than 15 image formats by default
- Extensive support for touchpad and touchscreen gestures
- Accessible presentation of the most important metadata
- Sleek but powerful interface developed in conjunction with GNOME Human
Interface Guidelines
--------------------------------------------------------------------------------
Update Information:
Rebuild with tracing-subscriber v0.3.20 for CVE-2025-58160.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 3 2025 Fabio Valentini [decathorpe@gmail.com] - 48.1-2
- Rebuild with tracing-subscriber v0.3.20 for CVE-2025-58160
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2392037 - CVE-2025-58160 loupe: Tracing log pollution [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2392037
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-ad9f520c95' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: rust-matchers-0.2.0-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-0ebd4408bd
2025-09-10 00:51:50.217453+00:00
--------------------------------------------------------------------------------
Name : rust-matchers
Product : Fedora 42
Version : 0.2.0
Release : 1.fc42
URL : https://crates.io/crates/matchers
Summary : Regex matching on character and byte streams
Description :
Regex matching on character and byte streams.
--------------------------------------------------------------------------------
Update Information:
Update the tracing-subscriber crate to version 0.3.20.
Update the matchers crate to version 0.2.0.
This update also includes a fix for CVE-2025-58160. Rebuilds of dependent
applications will be coordinated separately from this update.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 1 2025 Fabio Valentini [decathorpe@gmail.com] - 0.2.0-1
- Update to version 0.2.0; Fixes RHBZ#2295530
* Fri Jul 25 2025 Fedora Release Engineering [releng@fedoraproject.org] - 0.1.0-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2392048 - CVE-2025-58160 rust-tracing-subscriber: Tracing log pollution [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2392048
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-0ebd4408bd' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: rust-tracing-subscriber-0.3.20-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-0ebd4408bd
2025-09-10 00:51:50.217453+00:00
--------------------------------------------------------------------------------
Name : rust-tracing-subscriber
Product : Fedora 42
Version : 0.3.20
Release : 1.fc42
URL : https://crates.io/crates/tracing-subscriber
Summary : Utilities for implementing and composing tracing subscribers
Description :
Utilities for implementing and composing `tracing` subscribers.
--------------------------------------------------------------------------------
Update Information:
Update the tracing-subscriber crate to version 0.3.20.
Update the matchers crate to version 0.2.0.
This update also includes a fix for CVE-2025-58160. Rebuilds of dependent
applications will be coordinated separately from this update.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 1 2025 Fabio Valentini [decathorpe@gmail.com] - 0.3.20-1
- Update to version 0.3.20; Fixes RHBZ#2391912
* Fri Jul 25 2025 Fedora Release Engineering [releng@fedoraproject.org] - 0.3.19-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2392048 - CVE-2025-58160 rust-tracing-subscriber: Tracing log pollution [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2392048
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-0ebd4408bd' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
