OpenSSH, Zsync, Python-Watchfiles, and more updates for Fedora

Fedora Linux 8994 Published by

Fedora Linux has been updated with multiple security enhancements, which include openssh, zsync, python-watchfiles, dotnet, rpm-ostree, yelp-xsl, ghostscript, dropbear, and nbdkit:

Fedora 41 Update: openssh-9.9p1-4.fc41
Fedora 41 Update: zsync-0.6.2-3.fc41
Fedora 41 Update: python-watchfiles-1.0.3-4.fc41
Fedora 41 Update: dotnet9.0-9.0.106-1.fc41
Fedora 41 Update: rpm-ostree-2025.8-1.fc41
Fedora 41 Update: yelp-xsl-42.1-7.fc41
Fedora 41 Update: yelp-42.2-9.fc41
Fedora 42 Update: ghostscript-10.05.1-1.fc42
Fedora 42 Update: zsync-0.6.2-3.fc42
Fedora 42 Update: python-watchfiles-1.0.4-5.fc42
Fedora 42 Update: dropbear-2025.88-1.fc42
Fedora 42 Update: dotnet9.0-9.0.106-1.fc42
Fedora 42 Update: nbdkit-1.42.3-1.fc42



[SECURITY] Fedora 41 Update: openssh-9.9p1-4.fc41


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-8896dcbcd0
2025-05-23 03:55:25.327044+00:00
--------------------------------------------------------------------------------

Name : openssh
Product : Fedora 41
Version : 9.9p1
Release : 4.fc41
URL : http://www.openssh.com/portable.html
Summary : An open source implementation of SSH protocol version 2
Description :
SSH (Secure SHell) is a program for logging into and executing
commands on a remote machine. SSH is intended to replace rlogin and
rsh, and to provide secure encrypted communications between two
untrusted hosts over an insecure network. X11 connections and
arbitrary TCP/IP ports can also be forwarded over the secure channel.

OpenSSH is OpenBSD's version of the last free version of SSH, bringing
it up to date in terms of security and features.

This package includes the core files necessary for both the OpenSSH
client and server. To make this package useful, you should also
install openssh-clients, openssh-server, or both.

--------------------------------------------------------------------------------
Update Information:

Fixes CVE-2025-32728
--------------------------------------------------------------------------------
ChangeLog:

* Mon May 19 2025 Zoltan Fridrich [zfridric@redhat.com] - 9.9p1-4
- CVE-2025-32728: Fix logic error in DisableForwarding option
Resolves: rhbz#2358778
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2358778 - CVE-2025-32728 openssh: OpenSSH SSHD Agent Forwarding and X11 Forwarding [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2358778
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-8896dcbcd0' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 41 Update: zsync-0.6.2-3.fc41


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-8365ba2261
2025-05-23 03:55:25.327005+00:00
--------------------------------------------------------------------------------

Name : zsync
Product : Fedora 41
Version : 0.6.2
Release : 3.fc41
URL : http://zsync.moria.org.uk/
Summary : a file transfer program using the same algorithm as rsync over HTTP
Description :
zsync is a file transfer program. It allows you to download a file from a
remote server, where you have a copy of an older version of the file on your
computer already. zsync downloads only the new parts of the file. It uses the
same algorithm as rsync. However, where rsync is designed for synchronising
data from one computer to another within an organisation, zsync is designed for
file distribution, with one file on a server to be distributed to thousands of
downloaders. zsync requires no special server software - just a web server to
host the files - and imposes no extra load on the server, making it ideal for
large scale file distribution.

--------------------------------------------------------------------------------
Update Information:

fix zlib source path in patch file
--------------------------------------------------------------------------------
ChangeLog:

* Thu May 15 2025 Tobias Girstmair - 0.6.2-3
- fix zlib source path in patch file
* Thu May 15 2025 Tobias Girstmair - 0.6.2-2
- include a patch for CVE-2016-9840 (RHBZ#2366435)
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2366424 - CVE-2025-4638 zsync: Improper Pointer Arithmetic in pcl [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2366424
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-8365ba2261' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 41 Update: python-watchfiles-1.0.3-4.fc41


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-e5d435516f
2025-05-23 03:55:25.326974+00:00
--------------------------------------------------------------------------------

Name : python-watchfiles
Product : Fedora 41
Version : 1.0.3
Release : 4.fc41
URL : https://github.com/samuelcolvin/watchfiles
Summary : Simple, modern and high performance file watching and code reload in python
Description :
Simple, modern and high performance file watching and code reload in python.
Underlying file system notifications are handled by the Notify rust library.

--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2025-4574 (fix RHBZ#2366569)
The package was rebuilt with rust-crossbeam-channel 0.5.15.
--------------------------------------------------------------------------------
ChangeLog:

* Thu May 15 2025 Benjamin A. Beasley [code@musicinmybrain.net] - 1.0.3-4
- Security fix for CVE-2025-4574 (fix RHBZ#2366569)
- The package was rebuilt with rust-crossbeam-channel 0.5.15.
* Thu May 15 2025 Benjamin A. Beasley [code@musicinmybrain.net] - 1.0.3-3
- Assert that .dist-info contains license files
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2366569 - CVE-2025-4574 python-watchfiles: crossbeam-channel Vulnerable to Double Free on Drop [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2366569
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-e5d435516f' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 41 Update: dotnet9.0-9.0.106-1.fc41


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-75bda8d944
2025-05-23 03:55:25.326836+00:00
--------------------------------------------------------------------------------

Name : dotnet9.0
Product : Fedora 41
Version : 9.0.106
Release : 1.fc41
URL : https://github.com/dotnet/
Summary : .NET Runtime and SDK
Description :
.NET is a fast, lightweight and modular platform for creating
cross platform applications that work on Linux, macOS and Windows.

It particularly focuses on creating console applications, web
applications and micro-services.

.NET contains a runtime conforming to .NET Standards a set of
framework libraries, an SDK containing compilers and a 'dotnet'
application to drive everything.

--------------------------------------------------------------------------------
Update Information:

This is the May 2025 update for .NET 9.
Release Notes:
SDK: https://github.com/dotnet/core/blob/main/release-notes/9.0/9.0.5/9.0.106.md
Runtime: https://github.com/dotnet/core/blob/main/release-
notes/9.0/9.0.5/9.0.5.md
--------------------------------------------------------------------------------
ChangeLog:

* Tue May 13 2025 Omair Majid [omajid@redhat.com] - 9.0.106-1
- Update to .NET SDK 9.0.106 and Runtime 9.0.5
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-75bda8d944' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 41 Update: rpm-ostree-2025.8-1.fc41


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-f566d6a4ad
2025-05-23 03:55:25.326734+00:00
--------------------------------------------------------------------------------

Name : rpm-ostree
Product : Fedora 41
Version : 2025.8
Release : 1.fc41
URL : https://github.com/coreos/rpm-ostree
Summary : Hybrid image/package system
Description :
rpm-ostree is a hybrid image/package system. It supports
"composing" packages on a build server into an OSTree repository,
which can then be replicated by client systems with atomic upgrades.
Additionally, unlike many "pure" image systems, with rpm-ostree
each client system can layer on additional packages, providing
a "best of both worlds" approach.

--------------------------------------------------------------------------------
Update Information:

Release 2025.8
--------------------------------------------------------------------------------
ChangeLog:

* Wed May 7 2025 Joseph Marrero Corchado [jmarrero@redhat.com] - 2025.8-1
- Release 2025.8
* Thu Apr 3 2025 Jonathan Lebon [jonathan@jlebon.com] - 2025.7-2
- Backport sysusers fix for FCOS
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2357941 - CVE-2025-3416 rpm-ostree: rust-openssl Use-After-Free in `Md::fetch` and `Cipher::fetch` [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2357941
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-f566d6a4ad' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 41 Update: yelp-xsl-42.1-7.fc41


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-72469000ed
2025-05-23 03:55:25.326739+00:00
--------------------------------------------------------------------------------

Name : yelp-xsl
Product : Fedora 41
Version : 42.1
Release : 7.fc41
URL : https://download.gnome.org/sources/yelp-xsl
Summary : XSL stylesheets for the yelp help browser
Description :
This package contains XSL stylesheets that are used by the yelp help browser.

--------------------------------------------------------------------------------
Update Information:

Fix CVE-2025-3155 - arbitrary file-read.
--------------------------------------------------------------------------------
ChangeLog:

* Thu May 15 2025 Jan Grulich [jgrulich@redhat.com] - 42.1-7
- Fix CVE-2025-3155 - arbitrary file-read
* Sun Jan 19 2025 Fedora Release Engineering [releng@fedoraproject.org] - 42.1-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2357092 - CVE-2025-3155 yelp: Arbitrary file read [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2357092
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-72469000ed' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 41 Update: yelp-42.2-9.fc41


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-72469000ed
2025-05-23 03:55:25.326739+00:00
--------------------------------------------------------------------------------

Name : yelp
Product : Fedora 41
Version : 42.2
Release : 9.fc41
URL : https://wiki.gnome.org/Apps/Yelp
Summary : Help browser for the GNOME desktop
Description :
Yelp is the help browser for the GNOME desktop. It is designed
to help you browse all the documentation on your system in
one central tool, including traditional man pages, info pages and
documentation written in DocBook.

--------------------------------------------------------------------------------
Update Information:

Fix CVE-2025-3155 - arbitrary file-read.
--------------------------------------------------------------------------------
ChangeLog:

* Fri May 9 2025 Jan Grulich [jgrulich@redhat.com] - 2:42.2-9
- Fix CVE-2025-3155 - arbitrary file-read
* Sun Jan 19 2025 Fedora Release Engineering [releng@fedoraproject.org] - 2:42.2-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
* Wed Sep 4 2024 Miroslav Such?? [msuchy@redhat.com] - 2:42.2-7
- convert license to SPDX
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2357092 - CVE-2025-3155 yelp: Arbitrary file read [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2357092
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-72469000ed' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------



[SECURITY] Fedora 42 Update: ghostscript-10.05.1-1.fc42


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-db5caba0cc
2025-05-23 03:24:17.285965+00:00
--------------------------------------------------------------------------------

Name : ghostscript
Product : Fedora 42
Version : 10.05.1
Release : 1.fc42
URL : https://ghostscript.com/
Summary : Interpreter for PostScript language & PDF
Description :
This package provides useful conversion utilities based on Ghostscript software,
for converting PS, PDF and other document formats between each other.

Ghostscript is a suite of software providing an interpreter for Adobe Systems'
PostScript (PS) and Portable Document Format (PDF) page description languages.
Its primary purpose includes displaying (rasterization & rendering) and printing
of document pages, as well as conversions between different document formats.

--------------------------------------------------------------------------------
Update Information:

10.05.1, security fix for CVE-2025-46646 (fedora#2362935, fedora#2362446,
fedora#2362640)
--------------------------------------------------------------------------------
ChangeLog:

* Mon May 19 2025 Zdenek Dohnal [zdohnal@redhat.com] - 10.05.1-1
- 10.05.1, security fix for CVE-2025-46646 (fedora#2362935, fedora#2362446, fedora#2362640)
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2362446 - CVE-2025-46646 Ghostscript: Mishandling of Overlong UTF-8 Encoding in Artifex Ghostscript's decode_utf8 Function
https://bugzilla.redhat.com/show_bug.cgi?id=2362446
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-db5caba0cc' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 42 Update: zsync-0.6.2-3.fc42


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-6f6043cb99
2025-05-23 03:24:17.285913+00:00
--------------------------------------------------------------------------------

Name : zsync
Product : Fedora 42
Version : 0.6.2
Release : 3.fc42
URL : http://zsync.moria.org.uk/
Summary : a file transfer program using the same algorithm as rsync over HTTP
Description :
zsync is a file transfer program. It allows you to download a file from a
remote server, where you have a copy of an older version of the file on your
computer already. zsync downloads only the new parts of the file. It uses the
same algorithm as rsync. However, where rsync is designed for synchronising
data from one computer to another within an organisation, zsync is designed for
file distribution, with one file on a server to be distributed to thousands of
downloaders. zsync requires no special server software - just a web server to
host the files - and imposes no extra load on the server, making it ideal for
large scale file distribution.

--------------------------------------------------------------------------------
Update Information:

fix zlib source path in patch file
--------------------------------------------------------------------------------
ChangeLog:

* Thu May 15 2025 Tobias Girstmair - 0.6.2-3
- fix zlib source path in patch file
* Thu May 15 2025 Tobias Girstmair - 0.6.2-2
- include a patch for CVE-2016-9840 (RHBZ#2366435)
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2366435 - CVE-2025-4638 zsync: Improper Pointer Arithmetic in pcl [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2366435
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-6f6043cb99' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 42 Update: python-watchfiles-1.0.4-5.fc42


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-e6c12e820e
2025-05-23 03:24:17.285885+00:00
--------------------------------------------------------------------------------

Name : python-watchfiles
Product : Fedora 42
Version : 1.0.4
Release : 5.fc42
URL : https://github.com/samuelcolvin/watchfiles
Summary : Simple, modern and high performance file watching and code reload in python
Description :
Simple, modern and high performance file watching and code reload in python.
Underlying file system notifications are handled by the Notify rust library.

--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2025-4574 (fix RHBZ#2366569)
The package was rebuilt with rust-crossbeam-channel 0.5.15.
--------------------------------------------------------------------------------
ChangeLog:

* Thu May 15 2025 Benjamin A. Beasley [code@musicinmybrain.net] - 1.0.4-5
- Security fix for CVE-2025-4574 (fix RHBZ#2366569)
- The package was rebuilt with rust-crossbeam-channel 0.5.15.
* Thu May 15 2025 Benjamin A. Beasley [code@musicinmybrain.net] - 1.0.4-4
- Assert that .dist-info contains license files
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2366569 - CVE-2025-4574 python-watchfiles: crossbeam-channel Vulnerable to Double Free on Drop [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2366569
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-e6c12e820e' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 42 Update: dropbear-2025.88-1.fc42


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-86022c9c44
2025-05-23 03:24:17.285861+00:00
--------------------------------------------------------------------------------

Name : dropbear
Product : Fedora 42
Version : 2025.88
Release : 1.fc42
URL : https://matt.ucc.asn.au/dropbear/dropbear.html
Summary : Lightweight SSH server and client
Description :
Dropbear is a relatively small SSH server and client. It's particularly useful
for "embedded"-type Linux (or other Unix) systems, such as wireless routers.

--------------------------------------------------------------------------------
Update Information:

Upgrade to 2025.88 (rhbz#2364905)
--------------------------------------------------------------------------------
ChangeLog:

* Thu May 15 2025 Federico Pellegrin [fede@evolware.org] - 2025.88-1
- Upgrade to 2025.88 (rhbz#2364905)
* Sat Feb 1 2025 Bj??rn Esser [besser82@fedoraproject.org] - 2024.86-3
- Add explicit BR: libxcrypt-devel
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2364905 - CVE-2025-47203 dropbear: command injection via an untrusted hostname argument [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2364905
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-86022c9c44' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------



[SECURITY] Fedora 42 Update: dotnet9.0-9.0.106-1.fc42


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-a54ca28d07
2025-05-23 03:24:17.285734+00:00
--------------------------------------------------------------------------------

Name : dotnet9.0
Product : Fedora 42
Version : 9.0.106
Release : 1.fc42
URL : https://github.com/dotnet/
Summary : .NET Runtime and SDK
Description :
.NET is a fast, lightweight and modular platform for creating
cross platform applications that work on Linux, macOS and Windows.

It particularly focuses on creating console applications, web
applications and micro-services.

.NET contains a runtime conforming to .NET Standards a set of
framework libraries, an SDK containing compilers and a 'dotnet'
application to drive everything.

--------------------------------------------------------------------------------
Update Information:

This is the May 2025 update for .NET 9.
Release Notes:
SDK: https://github.com/dotnet/core/blob/main/release-notes/9.0/9.0.5/9.0.106.md
Runtime: https://github.com/dotnet/core/blob/main/release-
notes/9.0/9.0.5/9.0.5.md
--------------------------------------------------------------------------------
ChangeLog:

* Tue May 13 2025 Omair Majid [omajid@redhat.com] - 9.0.106-1
- Update to .NET SDK 9.0.106 and Runtime 9.0.5
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-a54ca28d07' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 42 Update: nbdkit-1.42.3-1.fc42


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-8a2d82f65a
2025-05-23 03:24:17.285672+00:00
--------------------------------------------------------------------------------

Name : nbdkit
Product : Fedora 42
Version : 1.42.3
Release : 1.fc42
URL : https://gitlab.com/nbdkit/nbdkit
Summary : NBD server
Description :
NBD is a protocol for accessing block devices (hard disks and
disk-like things) over the network.

nbdkit is a toolkit for creating NBD servers.

The key features are:

* Multithreaded NBD server written in C with good performance.

* Minimal dependencies for the basic server.

* Liberal license (BSD) allows nbdkit to be linked to proprietary
libraries or included in proprietary code.

* Well-documented, simple plugin API with a stable ABI guarantee.
Lets you to export "unconventional" block devices easily.

* You can write plugins in C or many other languages.

* Filters can be stacked in front of plugins to transform the output.

* Server can run standalone or can be invoked from other programs.

'nbdkit' is a meta-package which pulls in the core server and a
useful subset of plugins and filters with minimal dependencies.

If you want just the server, install 'nbdkit-server'.

To develop plugins, install the 'nbdkit-devel' package and start by
reading the nbdkit(1) and nbdkit-plugin(3) manual pages.

--------------------------------------------------------------------------------
Update Information:

New upstream stable branch version 1.42.3
--------------------------------------------------------------------------------
ChangeLog:

* Sat May 10 2025 Richard W.M. Jones [rjones@redhat.com] - 1.42.3-1
- New upstream stable branch version 1.42.3
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2365692 - CVE-2025-47711 nbdkit: off-by-one error when processing block status may lead to a Denial of Service [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2365692
[ 2 ] Bug #2365727 - CVE-2025-47712 nbdkit: Integer overflow triggers an assertion resulting in Denial of Service [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2365727
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-8a2d82f65a' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--


KDE neon 20250522 released

Rust-Toolset, Kernel, Llvm-Toolset, Firefox updates for Oracle Linux

Windows

Linux

macOS

Community

  • Artsyl
    π˜–π˜―π˜΅π˜’π˜³π˜ͺ𝘰, 𝘊𝘒𝘯𝘒π˜₯𝘒 β€” π˜‘π˜Άπ˜―π˜¦ 18, 2025 β€” π—”π—Ώπ˜π˜€π˜†π—Ή π—§π—²π—°π—΅π—»π—Όπ—Ήπ—Όπ—΄π—Άπ—²π˜€, I ...
  • Artsyl
    May 28, 2025 – Ontario, Canada β€” Artsyl Technologies, a ...
  • Artsyl
    Artsyl Technologies has announced the latest version of ...