Fedora 42 Update: perl-5.40.2-518.fc42
Fedora 42 Update: linux-firmware-20250708-1.fc42
Fedora 42 Update: luajit-2.1.1748459687-2.fc42
Fedora 42 Update: python-requests-2.32.4-1.fc42
[SECURITY] Fedora 42 Update: perl-5.40.2-518.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-30244ebfc7
2025-07-12 01:44:29.847248+00:00
--------------------------------------------------------------------------------
Name : perl
Product : Fedora 42
Version : 5.40.2
Release : 518.fc42
URL : https://www.perl.org/
Summary : Practical Extraction and Report Language
Description :
Perl is a high-level programming language with roots in C, sed, awk and shell
scripting. Perl is good at handling processes and files, and is especially
good at handling text. Perl's hallmarks are practicality and efficiency.
While it is used to do a lot of different things, Perl's most common
applications are system administration utilities and web programming.
This is a metapackage with all the Perl bits and core modules that can be
found in the upstream tarball from perl.org.
If you need only a specific feature, you can install a specific package
instead. E.g. to handle Perl scripts with /usr/bin/perl interpreter,
install perl-interpreter package. See perl-interpreter description for more
details on the Perl decomposition into packages.
--------------------------------------------------------------------------------
Update Information:
Fixes CVE-2025-40909 - Clone dirhandles without fchdir
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 9 2025 Jitka Plesnikova [jplesnik@redhat.com] - 4:5.40.2-518
- Fixes: CVE-2025-40909 - Clone dirhandles without fchdir
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2369463 - CVE-2025-40909 perl: Perl threads have a working directory race condition where file operations may target unintended paths [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2369463
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-30244ebfc7' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: linux-firmware-20250708-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-6b6824140a
2025-07-12 01:44:29.847222+00:00
--------------------------------------------------------------------------------
Name : linux-firmware
Product : Fedora 42
Version : 20250708
Release : 1.fc42
URL : http://www.kernel.org/
Summary : Firmware files used by the Linux kernel
Description :
This package includes firmware files required for some devices to
operate.
--------------------------------------------------------------------------------
Update Information:
Update to 20250708:
Drop incorrect nvidia ghost entries
xe: Add fan_control v203.0.0.0 for BMG
Update AMD cpu microcode
amdgpu: Add DCN 3.6/PSP 14.0.5/SDMA 6.1.3/GC 11.5.3
mediatek MT7921: update bluetooth firmware to 20250625154126
qcom/adreno: document firmware revisions
qcom/adreno: move A610 and A702 ZAP files to Adreno driver section
qcom: Add sdx61 Foxconn vendor firmware image file
Revert "Update firmware file for Intel Pulsar core"
xe: First GuC/HuC release for Pantherlake
update firmware for MT7921 WiFi device
rtw89: 8922a: update fw to v0.35.80.0
rtw89: 8852c: update fw to v0.27.129.1
rtw89: 8852c: update fw to v0.27.128.0
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jul 8 2025 Peter Robinson [pbrobinson@fedoraproject.org] - 20250708-1
- Update to 20250708
- Drop incorrect nvidia ghost entries
- xe: Add fan_control v203.0.0.0 for BMG
- Update AMD cpu microcode
- amdgpu: Add DCN 3.6/PSP 14.0.5/SDMA 6.1.3/GC 11.5.3
- mediatek MT7921: update bluetooth firmware to 20250625154126
- qcom/adreno: document firmware revisions
- qcom/adreno: move A610 and A702 ZAP files to Adreno driver section
- qcom: Add sdx61 Foxconn vendor firmware image file
- Revert "Update firmware file for Intel Pulsar core"
- xe: First GuC/HuC release for Pantherlake
- update firmware for MT7921 WiFi device
- rtw89: 8922a: update fw to v0.35.80.0
- rtw89: 8852c: update fw to v0.27.129.1
- rtw89: 8852c: update fw to v0.27.128.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2375308 - Nouveau doesn't work
https://bugzilla.redhat.com/show_bug.cgi?id=2375308
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-6b6824140a' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: luajit-2.1.1748459687-2.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-b1082e9269
2025-07-12 01:44:29.847211+00:00
--------------------------------------------------------------------------------
Name : luajit
Product : Fedora 42
Version : 2.1.1748459687
Release : 2.fc42
URL : http://luajit.org
Summary : Just-In-Time Compiler for Lua
Description :
LuaJIT implements the full set of language features defined by Lua 5.1.
The virtual machine (VM) is API- and ABI-compatible to the standard
Lua interpreter and can be deployed as a drop-in replacement.
--------------------------------------------------------------------------------
Update Information:
Fix CVE-2024-25176
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jul 8 2025 Andreas Schneider [asn@redhat.com] - 2.1.1748459687-1
- Update to version 2.1.1748459687
- Fixes CVE-2024-25176
- resolves: rhbz#2376990
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2376974 - CVE-2024-25178 luajit: Out of bounds read in LuaJIT [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2376974
[ 2 ] Bug #2376990 - CVE-2024-25176 luajit: From CVEorg collector [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2376990
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-b1082e9269' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: python-requests-2.32.4-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-87207b946a
2025-07-12 01:44:29.847191+00:00
--------------------------------------------------------------------------------
Name : python-requests
Product : Fedora 42
Version : 2.32.4
Release : 1.fc42
URL : https://pypi.io/project/requests
Summary : HTTP library, written in Python, for human beings
Description :
Most existing Python modules for sending HTTP requests are extremely verbose and
cumbersome. Python???s built-in urllib2 module provides most of the HTTP
capabilities you should need, but the API is thoroughly broken. This library is
designed to make HTTP requests easy for developers.
--------------------------------------------------------------------------------
Update Information:
Update to 2.32.4
Security fix for CVE-2024-47081: .netrc credentials leak via malicious URLs
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jul 7 2025 Miro Hron??ok [miro@hroncok.cz] - 2.32.4-1
- Update to 2.32.4
- Security fix for CVE-2024-47081: .netrc credentials leak via malicious
URLs
* Wed Jun 4 2025 Python Maint - 2.32.3-14
- Rebuilt for Python 3.14
* Tue Jun 3 2025 Python Maint - 2.32.3-13
- Bootstrap for Python 3.14
* Tue Apr 15 2025 Benjamin A. Beasley [code@musicinmybrain.net] - 2.32.3-5
- Backport test-cert. fixes for urllib3 2.4.0 compatibility
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2371255 - python-requests-2.32.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2371255
[ 2 ] Bug #2375886 - CVE-2024-47081 python-requests: Requests vulnerable to .netrc credentials leak via malicious URLs [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2375886
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-87207b946a' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
