The latest security updates have been released for various Fedora Linux versions, including Fedora 41 and Fedora 42 to 43. Among the updates are new versions of .NET Framework (dotnet9.0), Dolphin Emulator (dolphin-emu), bpfman, Xen virtualization software (xen), BIND DNS server (bind), and the Ruby programming language (ruby). Fedora 43 has also seen updates for Dolphin Emulator again, as well as a new version of the BPF management tool (bpfman), which is identical to its update on Fedora 42. Additionally, Fedora 41 has received an update for .NET Framework.

Fedora 41 Update: dotnet9.0-9.0.111-1.fc41
Fedora 42 Update: dolphin-emu-2503a-4.fc42
Fedora 42 Update: bpfman-0.5.4-3.fc42
Fedora 42 Update: dotnet9.0-9.0.111-1.fc42
Fedora 42 Update: xen-4.19.3-8.fc42
Fedora 43 Update: bind-9.18.41-2.fc43
Fedora 43 Update: dolphin-emu-2503a-11.fc43
Fedora 43 Update: bpfman-0.5.4-3.fc43
Fedora 43 Update: ruby-3.4.7-28.fc43

[SECURITY] Fedora 41 Update: dotnet9.0-9.0.111-1.fc41

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-ece4f3816e
2025-11-09 03:29:22.215588+00:00
--------------------------------------------------------------------------------

Name : dotnet9.0
Product : Fedora 41
Version : 9.0.111
Release : 1.fc41
URL : https://github.com/dotnet/
Summary : .NET Runtime and SDK
Description :
.NET is a fast, lightweight and modular platform for creating
cross platform applications that work on Linux, macOS and Windows.

It particularly focuses on creating console applications, web
applications and micro-services.

.NET contains a runtime conforming to .NET Standards a set of
framework libraries, an SDK containing compilers and a 'dotnet'
application to drive everything.

--------------------------------------------------------------------------------
Update Information:

This is the October 2025 release of .NET 9, updating the SDK to version 9.0.111
and runtime to version to 9.0.10.
Release Notes:
SDK: https://github.com/dotnet/core/blob/main/release-
notes/9.0/9.0.10/9.0.111.md
Runtime: https://github.com/dotnet/core/blob/main/release-
notes/9.0/9.0.10/9.0.10.md
--------------------------------------------------------------------------------
ChangeLog:

* Wed Oct 29 2025 Omair Majid [omajid@redhat.com] - 9.0.111-1
- Update to .NET SDK 9.0.111 and Runtime 9.0.10
* Tue Oct 28 2025 Omair Majid [omajid@redhat.com] - 9.0.110-2
- Avoid using clang 21
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-ece4f3816e' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--

[SECURITY] Fedora 42 Update: dolphin-emu-2503a-4.fc42

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-cbd9bd51dd
2025-11-09 03:17:35.195144+00:00
--------------------------------------------------------------------------------

Name : dolphin-emu
Product : Fedora 42
Version : 2503a
Release : 4.fc42
URL : https://dolphin-emu.org/
Summary : GameCube / Wii / Triforce Emulator
Description :
Dolphin is a Gamecube, Wii and Triforce (the arcade machine based on the
Gamecube) emulator, which supports full HD video with several enhancements such
as compatibility with all PC controllers, turbo speed, networked multi player,
and more.
Most games run perfectly or with minor bugs.

--------------------------------------------------------------------------------
Update Information:

Add CVE and bug fixes to bundled mbedtls in dolphin-emu
--------------------------------------------------------------------------------
ChangeLog:

* Sat Nov 1 2025 Jeremy Newton [alexjnewt@hotmail.com] - 2503a-4
- Update mbedtls to 2.28.10
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2376686 - CVE-2025-52496 dolphin-emu: Mbed TLS AESNI Race Condition Vulnerability [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2376686
[ 2 ] Bug #2382242 - CVE-2025-48965 dolphin-emu: Mbed TLS: NULL Pointer Dereference [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2382242
[ 3 ] Bug #2382253 - CVE-2025-47917 dolphin-emu: Mbed TLS Use-After-Free Vulnerability [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2382253
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-cbd9bd51dd' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--

[SECURITY] Fedora 42 Update: bpfman-0.5.4-3.fc42

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-0753bddd6c
2025-11-09 03:17:35.195090+00:00
--------------------------------------------------------------------------------

Name : bpfman
Product : Fedora 42
Version : 0.5.4
Release : 3.fc42
URL : https://bpfman.io
Summary : EBPF Program Manager
Description :
bpfman operates as an eBPF manager, focusing on simplifying the deployment and
administration of eBPF programs.

--------------------------------------------------------------------------------
Update Information:

This update fixes CVE-2025-0977 (RUSTSEC-2025-0004), a use-after-free
vulnerability in the Rust openssl crate's ssl::select_next_proto
function. The openssl crate has been updated from version 0.10.67 to
0.10.70 in the vendored dependencies.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct 31 2025 Daniel Mellado [dmellado@fedoraproject.org] - 0.5.4-3
- Fix CVE-2025-0977: Update openssl to 0.10.70 - closes rhbz#2344554
* Wed Jul 23 2025 Fedora Release Engineering [releng@fedoraproject.org] - 0.5.4-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Mon Jun 23 2025 Daniel Mellado [dmellado@fedoraproject.org] - 0.5.4-1
- Add patch for Cargo.lock - closes rhbz2370581
* Sat Jun 7 2025 Daniel Mellado [dmellado@fedoraproject.org] - 0.5.6-1
- Update to version 0.5.6
* Thu Jan 16 2025 Fedora Release Engineering [releng@fedoraproject.org] - 0.5.4-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
* Wed Dec 18 2024 Daniel Mellado [dmellado@fedoraproject.org] - 0.5.4-4
- Correct sources vendor file
* Wed Dec 18 2024 Daniel Mellado [dmellado@fedoraproject.org] - 0.5.4-3
- Remove forbidden RTLO characters in vendor/idna-5.0 tests
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2344554 - bpfman: openssl: CVE-2025-0977 / RUSTSEC-2025-0004: ssl::select_next_proto use after free
https://bugzilla.redhat.com/show_bug.cgi?id=2344554
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-0753bddd6c' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--

[SECURITY] Fedora 42 Update: dotnet9.0-9.0.111-1.fc42

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-e9c0b9e1b4
2025-11-09 03:17:35.195061+00:00
--------------------------------------------------------------------------------

Name : dotnet9.0
Product : Fedora 42
Version : 9.0.111
Release : 1.fc42
URL : https://github.com/dotnet/
Summary : .NET Runtime and SDK
Description :
.NET is a fast, lightweight and modular platform for creating
cross platform applications that work on Linux, macOS and Windows.

It particularly focuses on creating console applications, web
applications and micro-services.

.NET contains a runtime conforming to .NET Standards a set of
framework libraries, an SDK containing compilers and a 'dotnet'
application to drive everything.

--------------------------------------------------------------------------------
Update Information:

This is the October 2025 release of .NET 9, updating the SDK to version 9.0.111
and runtime to version to 9.0.10.
Release Notes:
SDK: https://github.com/dotnet/core/blob/main/release-
notes/9.0/9.0.10/9.0.111.md
Runtime: https://github.com/dotnet/core/blob/main/release-
notes/9.0/9.0.10/9.0.10.md
--------------------------------------------------------------------------------
ChangeLog:

* Wed Oct 29 2025 Omair Majid [omajid@redhat.com] - 9.0.111-1
- Update to .NET SDK 9.0.111 and Runtime 9.0.10
* Tue Oct 28 2025 Omair Majid [omajid@redhat.com] - 9.0.110-2
- Avoid using clang 21
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-e9c0b9e1b4' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--

[SECURITY] Fedora 42 Update: xen-4.19.3-8.fc42

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-ec271ef07b
2025-11-09 03:17:35.195054+00:00
--------------------------------------------------------------------------------

Name : xen
Product : Fedora 42
Version : 4.19.3
Release : 8.fc42
URL : http://xen.org/
Summary : Xen is a virtual machine monitor
Description :
This package contains the XenD daemon and xm command line
tools, needed to manage virtual machines running under the
Xen hypervisor

--------------------------------------------------------------------------------
Update Information:

Incorrect removal of permissions on PCI device unplug [XSA-476,
CVE-2025-58149]
x86: Incorrect input sanitisation in Viridian hypercalls [XSA-475,
CVE-2025-58147, CVE-2025-58148]
--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct 24 2025 Michael Young [m.a.young@durham.ac.uk] - 4.19.3-8
- Incorrect removal of permissions on PCI device unplug [XSA-476,
CVE-2025-58149]
* Tue Oct 21 2025 Michael Young [m.a.young@durham.ac.uk] - 4.19.3-6
- x86: Incorrect input sanitisation in Viridian hypercalls [XSA-475,
CVE-2025-58147, CVE-2025-58148]
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-ec271ef07b' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--

[SECURITY] Fedora 43 Update: bind-9.18.41-2.fc43

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-3e245eae46
2025-11-09 03:05:33.669413+00:00
--------------------------------------------------------------------------------

Name : bind
Product : Fedora 43
Version : 9.18.41
Release : 2.fc43
URL : https://www.isc.org/downloads/bind/
Summary : The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server
Description :
BIND (Berkeley Internet Name Domain) is an implementation of the DNS
(Domain Name System) protocols. BIND includes a DNS server (named),
which resolves host names to IP addresses; a resolver library
(routines for applications to use when interfacing with DNS); and
tools for verifying that the DNS server is operating properly.

--------------------------------------------------------------------------------
Update Information:

Fix dual-signed domains verification, when one of algorithms is not supported.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct 31 2025 Petr Men????k [pemensik@redhat.com] - 32:9.18.41-2
- Fix upstream reported regression in recent CVE fix (CVE-2025-8677)
- Add upstream dnssec system test testcase for this problem
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2413070 - Regression with disabled algorithms after CVE-2025-8677 fixes
https://bugzilla.redhat.com/show_bug.cgi?id=2413070
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-3e245eae46' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

[SECURITY] Fedora 43 Update: dolphin-emu-2503a-11.fc43

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-ea90f8d03c
2025-11-09 03:05:33.669357+00:00
--------------------------------------------------------------------------------

Name : dolphin-emu
Product : Fedora 43
Version : 2503a
Release : 11.fc43
URL : https://dolphin-emu.org/
Summary : GameCube / Wii / Triforce Emulator
Description :
Dolphin is a Gamecube, Wii and Triforce (the arcade machine based on the
Gamecube) emulator, which supports full HD video with several enhancements such
as compatibility with all PC controllers, turbo speed, networked multi player,
and more.
Most games run perfectly or with minor bugs.

--------------------------------------------------------------------------------
Update Information:

Add CVE and bug fixes to bundled mbedtls in dolphin-emu
--------------------------------------------------------------------------------
ChangeLog:

* Sat Nov 1 2025 Jeremy Newton [alexjnewt@hotmail.com] - 2503a-11
- Fix rebase error
* Sat Nov 1 2025 Jeremy Newton [alexjnewt@hotmail.com]
- Update mbedtls to 2.28.10
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-ea90f8d03c' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--

[SECURITY] Fedora 43 Update: bpfman-0.5.4-3.fc43

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-e67231423f
2025-11-09 03:05:33.669278+00:00
--------------------------------------------------------------------------------

Name : bpfman
Product : Fedora 43
Version : 0.5.4
Release : 3.fc43
URL : https://bpfman.io
Summary : EBPF Program Manager
Description :
bpfman operates as an eBPF manager, focusing on simplifying the deployment and
administration of eBPF programs.

--------------------------------------------------------------------------------
Update Information:

This update fixes CVE-2025-0977 (RUSTSEC-2025-0004), a use-after-free
vulnerability in the Rust openssl crate's ssl::select_next_proto
function. The openssl crate has been updated from version 0.10.67 to
0.10.70 in the vendored dependencies.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct 31 2025 Daniel Mellado [dmellado@fedoraproject.org] - 0.5.4-3
- Fix CVE-2025-0977: Update openssl to 0.10.70 - closes rhbz#2344554
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2344554 - bpfman: openssl: CVE-2025-0977 / RUSTSEC-2025-0004: ssl::select_next_proto use after free
https://bugzilla.redhat.com/show_bug.cgi?id=2344554
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-e67231423f' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--

[SECURITY] Fedora 43 Update: ruby-3.4.7-28.fc43

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-28a9cec027
2025-11-09 03:05:33.669256+00:00
--------------------------------------------------------------------------------

Name : ruby
Product : Fedora 43
Version : 3.4.7
Release : 28.fc43
URL : https://www.ruby-lang.org/
Summary : An interpreter of object-oriented scripting language
Description :
Ruby is the interpreted scripting language for quick and easy
object-oriented programming. It has many features to process text
files and to do system management tasks (as in Perl). It is simple,
straight-forward, and extensible.

--------------------------------------------------------------------------------
Update Information:

Upgrade to Ruby 3.4.7.
Fix URI Credential Leakage Bypass previous fixes.
Resolves: CVE-2025-61594
Fix REXML denial of service.
Resolves: CVE-2025-58767
--------------------------------------------------------------------------------
ChangeLog:

* Thu Oct 30 2025 Jun Aruga [jaruga@redhat.com] - 3.4.7-28
- Upgrade to Ruby 3.4.7.
- Fix URI Credential Leakage Bypass previous fixes.
Resolves: CVE-2025-61594
- Fix REXML denial of service.
Resolves: CVE-2025-58767
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2396186 - CVE-2025-58767 rexml: REXML denial of service
https://bugzilla.redhat.com/show_bug.cgi?id=2396186
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-28a9cec027' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--