Fedora 41 Update: openjpeg-2.5.3-8.fc41
Fedora 42 Update: matrix-synapse-1.135.2-1.fc42
Fedora 42 Update: python3-docs-3.13.6-1.fc42
Fedora 42 Update: python3.13-3.13.6-1.fc42
Fedora 42 Update: glib2-2.84.4-1.fc42
[SECURITY] Fedora 41 Update: openjpeg-2.5.3-8.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-4588dcd9ee
2025-08-13 01:31:18.135856+00:00
--------------------------------------------------------------------------------
Name : openjpeg
Product : Fedora 41
Version : 2.5.3
Release : 8.fc41
URL : https://github.com/uclouvain/openjpeg
Summary : C-Library for JPEG 2000
Description :
The OpenJPEG library is an open-source JPEG 2000 library developed in order to
promote the use of JPEG 2000.
This package contains
* JPEG 2000 codec compliant with the Part 1 of the standard (Class-1 Profile-1
compliance).
* JP2 (JPEG 2000 standard Part 2 - Handling of JP2 boxes and extended multiple
component transforms for multispectral and hyperspectral imagery)
--------------------------------------------------------------------------------
Update Information:
Backport fix for CVE-2025-54874.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Aug 10 2025 Sandro Mani [manisandro@gmail.com] - 2.5.3-8
- Backport fix for CVE-2025-54874
* Thu Jul 24 2025 Fedora Release Engineering [releng@fedoraproject.org] - 2.5.3-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2386563 - CVE-2025-54874 openjpeg: OpenJPEG OOB heap memory write [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2386563
[ 2 ] Bug #2386568 - CVE-2025-54874 openjpeg: OpenJPEG OOB heap memory write [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2386568
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-4588dcd9ee' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: matrix-synapse-1.135.2-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-9e0e3043af
2025-08-13 01:15:46.336976+00:00
--------------------------------------------------------------------------------
Name : matrix-synapse
Product : Fedora 42
Version : 1.135.2
Release : 1.fc42
URL : https://github.com/element-hq/synapse
Summary : A Matrix reference homeserver written in Python using Twisted
Description :
Matrix is an ambitious new ecosystem for open federated Instant Messaging and
VoIP. Synapse is a reference "homeserver" implementation of Matrix from the
core development team at matrix.org, written in Python/Twisted. It is intended
to showcase the concept of Matrix and let folks see the spec in the context of
a coded base and let you run your own homeserver and generally help bootstrap
the ecosystem.
--------------------------------------------------------------------------------
Update Information:
Update to 1.135.2
Update to 1.135.0
--------------------------------------------------------------------------------
ChangeLog:
* Mon Aug 11 2025 Jonathan Schleifer [js@nil.im] - 1.135.2-1
- Update to v1.135.2
* Sun Aug 10 2025 Jonathan Schleifer [js@nil.im] - 1.135.0-1
- Update to v1.135.0
* Thu Jul 24 2025 Fedora Release Engineering [releng@fedoraproject.org] - 1.133.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-9e0e3043af' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: python3-docs-3.13.6-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-1a9ad70c05
2025-08-13 01:15:46.336971+00:00
--------------------------------------------------------------------------------
Name : python3-docs
Product : Fedora 42
Version : 3.13.6
Release : 1.fc42
URL : https://www.python.org/
Summary : Documentation for the Python 3 programming language
Description :
The python3-docs package contains documentation on the Python 3
programming language and interpreter.
--------------------------------------------------------------------------------
Update Information:
3.13.6 is the sixth maintenance release of 3.13, containing around 200 bugfixes,
build improvements and documentation changes since 3.13.5.
This update contains fix for https://www.cve.org/CVERecord?id=CVE-2025-8194
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 7 2025 Tom???? Hrn??iar [thrnciar@redhat.com] - 3.13.6-1
- Update to 3.13.6
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2384078 - CVE-2025-8194 python3.13: Cpython infinite loop when parsing a tarfile [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2384078
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-1a9ad70c05' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
[SECURITY] Fedora 42 Update: python3.13-3.13.6-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-1a9ad70c05
2025-08-13 01:15:46.336971+00:00
--------------------------------------------------------------------------------
Name : python3.13
Product : Fedora 42
Version : 3.13.6
Release : 1.fc42
URL : https://www.python.org/
Summary : Version 3.13 of the Python interpreter
Description :
Python 3.13 is an accessible, high-level, dynamically typed, interpreted
programming language, designed with an emphasis on code readability.
It includes an extensive standard library, and has a vast ecosystem of
third-party libraries.
--------------------------------------------------------------------------------
Update Information:
3.13.6 is the sixth maintenance release of 3.13, containing around 200 bugfixes,
build improvements and documentation changes since 3.13.5.
This update contains fix for https://www.cve.org/CVERecord?id=CVE-2025-8194
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 7 2025 Tom???? Hrn??iar [thrnciar@redhat.com] - 3.13.5-5
- Update to 3.13.6
* Mon Jul 28 2025 Miro Hron??ok [mhroncok@redhat.com] - 3.13.5-4
- Fix CVE-2025-8194: Tarfile infinite loop during parsing with negative member offset
* Fri Jul 25 2025 Fedora Release Engineering [releng@fedoraproject.org] - 3.13.5-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Wed Jun 25 2025 Karolina Surma [ksurma@redhat.com] - 3.13.5-2
- Conditionally skip tests not working with the older expat version
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2384078 - CVE-2025-8194 python3.13: Cpython infinite loop when parsing a tarfile [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2384078
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-1a9ad70c05' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
[SECURITY] Fedora 42 Update: glib2-2.84.4-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-16acfe9927
2025-08-13 01:15:46.336966+00:00
--------------------------------------------------------------------------------
Name : glib2
Product : Fedora 42
Version : 2.84.4
Release : 1.fc42
URL : https://www.gtk.org
Summary : A library of handy utility functions
Description :
GLib is the low-level core library that forms the basis for projects
such as GTK+ and GNOME. It provides data structure handling for C,
portability wrappers, and interfaces for such runtime functionality
as an event loop, threads, dynamic loading, and an object system.
--------------------------------------------------------------------------------
Update Information:
Resolve CVE-2025-7039 (Buffer Under-read on GLib through glib/gfileutils.c via
get_tmp_file()) with several other bug fixes.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Aug 11 2025 Marek Kasik [mkasik@redhat.com] - 2.84.4-1
- Update to 2.84.4
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-16acfe9927' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
