Fedora 43 Update: openqa-5^20260126git19189f0-1.fc43
Fedora 43 Update: rust-sequoia-keystore-server-0.2.0-5.fc43
Fedora 43 Update: os-autoinst-5^20260123git72cabd0-1.fc43
Fedora 43 Update: xen-4.20.2-3.fc43
Fedora 43 Update: python-jupytext-1.19.1-1.fc43
Fedora 43 Update: rust-sequoia-sq-1.3.1-9.fc43
Fedora 43 Update: rust-sequoia-octopus-librnp-1.11.1-4.fc43
Fedora 43 Update: rust-sequoia-sqv-1.3.0-5.fc43
Fedora 43 Update: python-python-multipart-0.0.22-1.fc43
Fedora 42 Update: python-jupytext-1.19.1-1.fc42
Fedora 42 Update: rust-sequoia-sq-1.3.1-9.fc42
Fedora 42 Update: rust-sequoia-keystore-server-0.2.0-5.fc42
Fedora 42 Update: rust-sequoia-sqv-1.3.0-5.fc42
Fedora 42 Update: rust-sequoia-octopus-librnp-1.11.1-4.fc42
Fedora 42 Update: python-python-multipart-0.0.22-1.fc42
[SECURITY] Fedora 43 Update: openqa-5^20260126git19189f0-1.fc43
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-abd2d2d60c
2026-02-04 02:08:26.993109+00:00
--------------------------------------------------------------------------------
Name : openqa
Product : Fedora 43
Version : 5^20260126git19189f0
Release : 1.fc43
URL : http://os-autoinst.github.io/openQA/
Summary : OS-level automated testing framework
Description :
openQA is a testing framework that allows you to test GUI applications on one
hand and bootloader and kernel on the other. In both cases, it is difficult to
script tests and verify the output. Output can be a popup window or it can be
an error in early boot even before init is executed.
openQA is an automated test tool that makes it possible to test the whole
installation process of an operating system. It uses virtual machines to
reproduce the process, check the output (both serial console and screen) in
every step and send the necessary keystrokes and commands to proceed to the
next. openQA can check whether the system can be installed, whether it works
properly in 'live' mode, whether applications work or whether the system
responds as expected to different installation options and commands.
Even more importantly, openQA can run several combinations of tests for every
revision of the operating system, reporting the errors detected for each
combination of hardware configuration, installation options and variant of the
operating system.
--------------------------------------------------------------------------------
Update Information:
This update provides new upstream snapshots of openQA and os-autoinst, with
various fixes and enhancements. Please see upstream changelogs for details. They
also address a CVE by updating a bundled javascript library, though we're fairly
sure openQA didn't actually expose the vulnerability anyway.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 26 2026 Adam Williamson [awilliam@redhat.com] - 5^20260126git19189f0-1
- Update to latest upstream git
- Drop merged patches
* Fri Jan 16 2026 Fedora Release Engineering [releng@fedoraproject.org] - 5^20250711git28a0214-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2433034 - CVE-2025-13465 openqa: prototype pollution in _.unset and _.omit functions [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2433034
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-abd2d2d60c' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
[SECURITY] Fedora 43 Update: rust-sequoia-keystore-server-0.2.0-5.fc43
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-9317b8ea7b
2026-02-04 02:08:26.993090+00:00
--------------------------------------------------------------------------------
Name : rust-sequoia-keystore-server
Product : Fedora 43
Version : 0.2.0
Release : 5.fc43
URL : https://crates.io/crates/sequoia-keystore-server
Summary : Sequoia keystore daemon
Description :
Sequoia keystore daemon.
--------------------------------------------------------------------------------
Update Information:
Rebuild with sequoia-openpgp v2.1.0 to apply fixes for RUSTSEC-2025-0136 /
CVE-2025-67897.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 26 2026 Fabio Valentini [decathorpe@gmail.com] - 0.2.0-5
- Rebuild for sequoia-openpgp v2.1.0 (RUSTSEC-2025-0136 / CVE-2025-67897)
* Sat Jan 17 2026 Fedora Release Engineering [releng@fedoraproject.org] - 0.2.0-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-9317b8ea7b' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
[SECURITY] Fedora 43 Update: os-autoinst-5^20260123git72cabd0-1.fc43
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-abd2d2d60c
2026-02-04 02:08:26.993109+00:00
--------------------------------------------------------------------------------
Name : os-autoinst
Product : Fedora 43
Version : 5^20260123git72cabd0
Release : 1.fc43
URL : https://github.com/os-autoinst/os-autoinst
Summary : OS-level test automation
Description :
The OS-autoinst project aims at providing a means to run fully
automated tests. Especially to run tests of basic and low-level
operating system components such as bootloader, kernel, installer and
upgrade, which can not easily and safely be tested with other
automated testing frameworks. However, it can just as well be used to
test applications on top of a newly installed OS.
--------------------------------------------------------------------------------
Update Information:
This update provides new upstream snapshots of openQA and os-autoinst, with
various fixes and enhancements. Please see upstream changelogs for details. They
also address a CVE by updating a bundled javascript library, though we're fairly
sure openQA didn't actually expose the vulnerability anyway.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 20 2026 Adam Williamson [awilliam@redhat.com] - 5^20260123git72cabd0-1
- Update to latest git, re-sync spec
- Drop merged patches
* Fri Jan 16 2026 Fedora Release Engineering [releng@fedoraproject.org] - 5^20250707gitd55ec72-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild
* Wed Dec 10 2025 Nicolas Chauvet [kwizart@gmail.com] - 5^20250707gitd55ec72-7
- Rebuilt for OpenCV-4.12
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2433034 - CVE-2025-13465 openqa: prototype pollution in _.unset and _.omit functions [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2433034
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-abd2d2d60c' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
[SECURITY] Fedora 43 Update: xen-4.20.2-3.fc43
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-844012d662
2026-02-04 02:08:26.993112+00:00
--------------------------------------------------------------------------------
Name : xen
Product : Fedora 43
Version : 4.20.2
Release : 3.fc43
URL : http://xen.org/
Summary : Xen is a virtual machine monitor
Description :
This package contains the XenD daemon and xm command line
tools, needed to manage virtual machines running under the
Xen hypervisor
--------------------------------------------------------------------------------
Update Information:
x86: buffer overrun with shadow paging + tracing [XSA-477, CVE-2025-58150]
x86: incomplete IBPB for vCPU isolation [XSA-479, CVE-2026-23553]
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 29 2026 Michael Young [m.a.young@durham.ac.uk] - 4.20.2-3
x86: buffer overrun with shadow paging + tracing [XSA-477, CVE-2025-58150]
(#2434046)
x86: incomplete IBPB for vCPU isolation [XSA-479, CVE-2026-23553]
(#2434048)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2434046 - CVE-2025-58150 xen: x86: buffer overrun with shadow paging + tracing [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2434046
[ 2 ] Bug #2434048 - CVE-2026-23553 xen: x86: incomplete IBPB for vCPU isolation [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2434048
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-844012d662' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
[SECURITY] Fedora 43 Update: python-jupytext-1.19.1-1.fc43
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-9111b2e330
2026-02-04 02:08:26.993102+00:00
--------------------------------------------------------------------------------
Name : python-jupytext
Product : Fedora 43
Version : 1.19.1
Release : 1.fc43
URL : https://jupytext.readthedocs.io/
Summary : Save Jupyter notebooks as text documents or scripts
Description :
Have you always wished Jupyter notebooks were plain text documents? Wished
you could edit them in your favorite IDE? And get clear and meaningful diffs
when doing version control? Then... Jupytext may well be the tool you're
looking for!
Jupytext is a plugin for Jupyter that can save Jupyter notebooks as
- Markdown files (or MyST Markdown files, or R Markdown or Quarto text
notebooks)
- Scripts in many languages.
Common use cases for Jupytext are:
- Doing version control on Jupyter Notebooks
- Editing, merging or refactoring notebooks in your favorite text editor
- Applying Q&A checks on notebooks.
--------------------------------------------------------------------------------
Update Information:
See https://github.com/mwouts/jupytext/blob/main/CHANGELOG.md for changes in
versions 1.19.0 and 1.19.1. This update contains a fix for CVE-2025-13465.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 26 2026 Jerry James [loganjerry@gmail.com] - 1.19.1-1
- Version 1.19.1
- Contains fix for CVE-2025-13465
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2415269 - python-jupytext-1.19.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2415269
[ 2 ] Bug #2433040 - CVE-2025-13465 python-jupytext: prototype pollution in _.unset and _.omit functions [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2433040
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-9111b2e330' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
[SECURITY] Fedora 43 Update: rust-sequoia-sq-1.3.1-9.fc43
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-9317b8ea7b
2026-02-04 02:08:26.993090+00:00
--------------------------------------------------------------------------------
Name : rust-sequoia-sq
Product : Fedora 43
Version : 1.3.1
Release : 9.fc43
URL : https://crates.io/crates/sequoia-sq
Summary : Command-line frontends for Sequoia
Description :
Command-line frontends for Sequoia.
--------------------------------------------------------------------------------
Update Information:
Rebuild with sequoia-openpgp v2.1.0 to apply fixes for RUSTSEC-2025-0136 /
CVE-2025-67897.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 26 2026 Fabio Valentini [decathorpe@gmail.com] - 1.3.1-9
- Rebuild for sequoia-openpgp v2.1.0 (RUSTSEC-2025-0136 / CVE-2025-67897)
* Sat Jan 17 2026 Fedora Release Engineering [releng@fedoraproject.org] - 1.3.1-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-9317b8ea7b' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
[SECURITY] Fedora 43 Update: rust-sequoia-octopus-librnp-1.11.1-4.fc43
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-9317b8ea7b
2026-02-04 02:08:26.993090+00:00
--------------------------------------------------------------------------------
Name : rust-sequoia-octopus-librnp
Product : Fedora 43
Version : 1.11.1
Release : 4.fc43
URL : https://crates.io/crates/sequoia-octopus-librnp
Summary : Reimplementation of RNP's interface using Sequoia for use with Thunderbird
Description :
Reimplementation of RNP's interface using Sequoia for use with
Thunderbird.
--------------------------------------------------------------------------------
Update Information:
Rebuild with sequoia-openpgp v2.1.0 to apply fixes for RUSTSEC-2025-0136 /
CVE-2025-67897.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 26 2026 Fabio Valentini [decathorpe@gmail.com] - 1.11.1-4
- Rebuild for sequoia-openpgp v2.1.0 (RUSTSEC-2025-0136 / CVE-2025-67897)
* Sat Jan 17 2026 Fedora Release Engineering [releng@fedoraproject.org] - 1.11.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-9317b8ea7b' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
[SECURITY] Fedora 43 Update: rust-sequoia-sqv-1.3.0-5.fc43
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-9317b8ea7b
2026-02-04 02:08:26.993090+00:00
--------------------------------------------------------------------------------
Name : rust-sequoia-sqv
Product : Fedora 43
Version : 1.3.0
Release : 5.fc43
URL : https://crates.io/crates/sequoia-sqv
Summary : Simple OpenPGP signature verification program
Description :
A simple OpenPGP signature verification program.
--------------------------------------------------------------------------------
Update Information:
Rebuild with sequoia-openpgp v2.1.0 to apply fixes for RUSTSEC-2025-0136 /
CVE-2025-67897.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 26 2026 Fabio Valentini [decathorpe@gmail.com] - 1.3.0-5
- Rebuild for sequoia-openpgp v2.1.0 (RUSTSEC-2025-0136 / CVE-2025-67897)
* Sat Jan 17 2026 Fedora Release Engineering [releng@fedoraproject.org] - 1.3.0-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-9317b8ea7b' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
[SECURITY] Fedora 43 Update: python-python-multipart-0.0.22-1.fc43
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-08c12edc84
2026-02-04 02:08:26.993016+00:00
--------------------------------------------------------------------------------
Name : python-python-multipart
Product : Fedora 43
Version : 0.0.22
Release : 1.fc43
URL : https://github.com/Kludex/python-multipart
Summary : A streaming multipart parser for Python
Description :
Python-Multipart is a streaming multipart parser for Python.
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2026-24486 / GHSA-wp53-j4wj-2cfg.
0.0.22 (2026-01-25)
Drop directory path from filename in File
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jan 25 2026 Packit [hello@packit.dev] - 0.0.22-1
- Update to 0.0.22 upstream release
- Resolves: rhbz#2432631
* Sat Jan 17 2026 Fedora Release Engineering [releng@fedoraproject.org] - 0.0.21-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2432631 - python-python-multipart-0.0.22 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2432631
[ 2 ] Bug #2433373 - CVE-2026-24486 python-python-multipart: Python-Multipart has Arbitrary File Write via Non-Default Configuration [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2433373
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-08c12edc84' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
[SECURITY] Fedora 42 Update: python-jupytext-1.19.1-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-d3c5092654
2026-02-04 02:04:17.337400+00:00
--------------------------------------------------------------------------------
Name : python-jupytext
Product : Fedora 42
Version : 1.19.1
Release : 1.fc42
URL : https://jupytext.readthedocs.io/
Summary : Save Jupyter notebooks as text documents or scripts
Description :
Have you always wished Jupyter notebooks were plain text documents? Wished
you could edit them in your favorite IDE? And get clear and meaningful diffs
when doing version control? Then... Jupytext may well be the tool you're
looking for!
Jupytext is a plugin for Jupyter that can save Jupyter notebooks as
- Markdown files (or MyST Markdown files, or R Markdown or Quarto text
notebooks)
- Scripts in many languages.
Common use cases for Jupytext are:
- Doing version control on Jupyter Notebooks
- Editing, merging or refactoring notebooks in your favorite text editor
- Applying Q&A checks on notebooks.
--------------------------------------------------------------------------------
Update Information:
See https://github.com/mwouts/jupytext/blob/main/CHANGELOG.md for changes in
versions 1.19.0 and 1.19.1. This update contains a fix for CVE-2025-13465.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 26 2026 Jerry James [loganjerry@gmail.com] - 1.19.1-1
- Version 1.19.1
- Contains fix for CVE-2025-13465
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2415269 - python-jupytext-1.19.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2415269
[ 2 ] Bug #2432990 - CVE-2025-13465 python-jupytext: prototype pollution in _.unset and _.omit functions [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2432990
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-d3c5092654' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
[SECURITY] Fedora 42 Update: rust-sequoia-sq-1.3.1-9.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-304a740a0b
2026-02-04 02:04:17.337391+00:00
--------------------------------------------------------------------------------
Name : rust-sequoia-sq
Product : Fedora 42
Version : 1.3.1
Release : 9.fc42
URL : https://crates.io/crates/sequoia-sq
Summary : Command-line frontends for Sequoia
Description :
Command-line frontends for Sequoia.
--------------------------------------------------------------------------------
Update Information:
Rebuild with sequoia-openpgp v2.1.0 to apply fixes for RUSTSEC-2025-0136 /
CVE-2025-67897.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 26 2026 Fabio Valentini [decathorpe@gmail.com] - 1.3.1-9
- Rebuild for sequoia-openpgp v2.1.0 (RUSTSEC-2025-0136 / CVE-2025-67897)
* Sat Jan 17 2026 Fedora Release Engineering [releng@fedoraproject.org] - 1.3.1-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-304a740a0b' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
[SECURITY] Fedora 42 Update: rust-sequoia-keystore-server-0.2.0-5.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-304a740a0b
2026-02-04 02:04:17.337391+00:00
--------------------------------------------------------------------------------
Name : rust-sequoia-keystore-server
Product : Fedora 42
Version : 0.2.0
Release : 5.fc42
URL : https://crates.io/crates/sequoia-keystore-server
Summary : Sequoia keystore daemon
Description :
Sequoia keystore daemon.
--------------------------------------------------------------------------------
Update Information:
Rebuild with sequoia-openpgp v2.1.0 to apply fixes for RUSTSEC-2025-0136 /
CVE-2025-67897.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 26 2026 Fabio Valentini [decathorpe@gmail.com] - 0.2.0-5
- Rebuild for sequoia-openpgp v2.1.0 (RUSTSEC-2025-0136 / CVE-2025-67897)
* Sat Jan 17 2026 Fedora Release Engineering [releng@fedoraproject.org] - 0.2.0-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-304a740a0b' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
[SECURITY] Fedora 42 Update: rust-sequoia-sqv-1.3.0-5.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-304a740a0b
2026-02-04 02:04:17.337391+00:00
--------------------------------------------------------------------------------
Name : rust-sequoia-sqv
Product : Fedora 42
Version : 1.3.0
Release : 5.fc42
URL : https://crates.io/crates/sequoia-sqv
Summary : Simple OpenPGP signature verification program
Description :
A simple OpenPGP signature verification program.
--------------------------------------------------------------------------------
Update Information:
Rebuild with sequoia-openpgp v2.1.0 to apply fixes for RUSTSEC-2025-0136 /
CVE-2025-67897.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 26 2026 Fabio Valentini [decathorpe@gmail.com] - 1.3.0-5
- Rebuild for sequoia-openpgp v2.1.0 (RUSTSEC-2025-0136 / CVE-2025-67897)
* Sat Jan 17 2026 Fedora Release Engineering [releng@fedoraproject.org] - 1.3.0-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild
* Fri Jul 25 2025 Fedora Release Engineering [releng@fedoraproject.org] - 1.3.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Thu Mar 27 2025 Fabio Valentini [decathorpe@gmail.com] - 1.3.0-2
- Make installation of shell completions and man pages more robust
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-304a740a0b' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
[SECURITY] Fedora 42 Update: rust-sequoia-octopus-librnp-1.11.1-4.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-304a740a0b
2026-02-04 02:04:17.337391+00:00
--------------------------------------------------------------------------------
Name : rust-sequoia-octopus-librnp
Product : Fedora 42
Version : 1.11.1
Release : 4.fc42
URL : https://crates.io/crates/sequoia-octopus-librnp
Summary : Reimplementation of RNP's interface using Sequoia for use with Thunderbird
Description :
Reimplementation of RNP's interface using Sequoia for use with
Thunderbird.
--------------------------------------------------------------------------------
Update Information:
Rebuild with sequoia-openpgp v2.1.0 to apply fixes for RUSTSEC-2025-0136 /
CVE-2025-67897.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 26 2026 Fabio Valentini [decathorpe@gmail.com] - 1.11.1-4
- Rebuild for sequoia-openpgp v2.1.0 (RUSTSEC-2025-0136 / CVE-2025-67897)
* Sat Jan 17 2026 Fedora Release Engineering [releng@fedoraproject.org] - 1.11.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild
* Fri Jul 25 2025 Fedora Release Engineering [releng@fedoraproject.org] - 1.11.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-304a740a0b' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
[SECURITY] Fedora 42 Update: python-python-multipart-0.0.22-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-720b8d0c6c
2026-02-04 02:04:17.337332+00:00
--------------------------------------------------------------------------------
Name : python-python-multipart
Product : Fedora 42
Version : 0.0.22
Release : 1.fc42
URL : https://github.com/Kludex/python-multipart
Summary : A streaming multipart parser for Python
Description :
Python-Multipart is a streaming multipart parser for Python.
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2026-24486 / GHSA-wp53-j4wj-2cfg.
0.0.22 (2026-01-25)
Drop directory path from filename in File
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jan 25 2026 Packit [hello@packit.dev] - 0.0.22-1
- Update to 0.0.22 upstream release
- Resolves: rhbz#2432631
* Sat Jan 17 2026 Fedora Release Engineering [releng@fedoraproject.org] - 0.0.21-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2432631 - python-python-multipart-0.0.22 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2432631
[ 2 ] Bug #2433374 - CVE-2026-24486 python-python-multipart: Python-Multipart has Arbitrary File Write via Non-Default Configuration [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2433374
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-720b8d0c6c' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
