PgAdmin, Moby-Engine, Gobuster, and more updates for Fedora

Fedora Linux 9237 Published by

Several security updates have been released for Fedora Linux, including upgrades to various tools and libraries. The updates affect different versions of Fedora, with some changes made to version 42 and others to version 43. Specifically, the updated packages are pgadmin4, moby-engine, gobuster, and mingw-libpng, which aim to improve system security. These updates provide patches for vulnerabilities in these tools and libraries, helping to protect users from potential threats.

Fedora 42 Update: pgadmin4-9.11-1.fc42
Fedora 42 Update: moby-engine-29.1.3-1.fc42
Fedora 42 Update: gobuster-3.8.2-2.fc42
Fedora 42 Update: mingw-libpng-1.6.53-1.fc42
Fedora 43 Update: gobuster-3.8.2-1.fc43
Fedora 43 Update: pgadmin4-9.11-1.fc43
Fedora 43 Update: moby-engine-29.1.3-1.fc43




[SECURITY] Fedora 42 Update: pgadmin4-9.11-1.fc42


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-b08763f674
2025-12-22 01:05:58.831254+00:00
--------------------------------------------------------------------------------

Name : pgadmin4
Product : Fedora 42
Version : 9.11
Release : 1.fc42
URL : https://www.pgadmin.org/
Summary : Administration tool for PostgreSQL
Description :
pgAdmin is the most popular and feature rich Open Source administration and development
platform for PostgreSQL, the most advanced Open Source database in the world.

--------------------------------------------------------------------------------
Update Information:

Update to pgadmin-9.11, fixes CVE_2025-13780.
--------------------------------------------------------------------------------
ChangeLog:

* Sat Dec 13 2025 Sandro Mani [manisandro@gmail.com] - 9.11-1
- Update to 9.11
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2421357 - pgadmin4-9.11 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2421357
[ 2 ] Bug #2421495 - CVE-2025-13780 pgadmin4: Remote Code Execution vulnerability when restoring PLAIN-format SQL dumps in server mode [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2421495
[ 3 ] Bug #2421496 - CVE-2025-13780 pgadmin4: Remote Code Execution vulnerability when restoring PLAIN-format SQL dumps in server mode [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2421496
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-b08763f674' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 42 Update: moby-engine-29.1.3-1.fc42


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-2f6ca95a74
2025-12-22 01:05:58.831239+00:00
--------------------------------------------------------------------------------

Name : moby-engine
Product : Fedora 42
Version : 29.1.3
Release : 1.fc42
URL : https://github.com/moby/moby
Summary : The open-source application container engine
Description :
Docker is an open source project to build, ship and run any application as a
lightweight container.

Docker containers are both hardware-agnostic and platform-agnostic. This means
they can run anywhere, from your laptop to the largest EC2 compute instance and
everything in between ??? and they do not require you to use a particular
language, framework or packaging system. That makes them great building blocks
for deploying and scaling web apps, databases, and backend services without
depending on a particular stack or provider.

--------------------------------------------------------------------------------
Update Information:

Update to release v29.1.3
Resolves: rhbz#2417969
Resolves CVE-2024-25621: rhbz#2419019, rhbz#2419046, rhbz#2419442
Upstream new features and fixes
--------------------------------------------------------------------------------
ChangeLog:

* Fri Dec 12 2025 Bradley G Smith [bradley.g.smith@gmail.com] - 29.1.3-1
- Update to release v29.1.3
- Resolves: rhbz#2417969
- Resolves CVE-2024-25621: rhbz#2419019, rhbz#2419046, rhbz#2419442
- Upstream new features and fixes
* Tue Dec 2 2025 Bradley G Smith [bradley.g.smith@gmail.com] - 29.1.2-1
- Update to release v29.1.2
- Resolves: rhbz#2417969
- Upstream new features and fixes
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2417969 - moby-engine-29.1.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2417969
[ 2 ] Bug #2419019 - CVE-2024-25621 moby-engine: containerd local privilege escalation [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2419019
[ 3 ] Bug #2419046 - CVE-2024-25621 moby-engine: containerd local privilege escalation [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2419046
[ 4 ] Bug #2419442 - CVE-2024-25621 moby-engine: containerd local privilege escalation [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2419442
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-2f6ca95a74' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------



[SECURITY] Fedora 42 Update: gobuster-3.8.2-2.fc42


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-36b3527937
2025-12-22 01:05:58.831277+00:00
--------------------------------------------------------------------------------

Name : gobuster
Product : Fedora 42
Version : 3.8.2
Release : 2.fc42
URL : https://github.com/OJ/gobuster
Summary : Directory/File, DNS and VHost busting tool written in Go
Description :
Directory/File, DNS and VHost busting tool written in Go.

--------------------------------------------------------------------------------
Update Information:

Fixes CVE-2025-58188, unretire package and update to 3.8.2.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Dec 5 2025 Emir Akdag [infraw.linux@proton.me] - 3.8.2-1
- Unretire package and update to 3.8.2
- Fix CVE-2025-58188
- Switch to modern go-vendor-tools packaging
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2418895 - Review Request: gobuster - Directory/File, DNS and VHost busting tool written in Go
https://bugzilla.redhat.com/show_bug.cgi?id=2418895
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-36b3527937' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 42 Update: mingw-libpng-1.6.53-1.fc42


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-dbd70402f4
2025-12-22 01:05:58.831249+00:00
--------------------------------------------------------------------------------

Name : mingw-libpng
Product : Fedora 42
Version : 1.6.53
Release : 1.fc42
URL : http://www.libpng.org/pub/png/
Summary : MinGW Windows Libpng library
Description :
MinGW Windows Libpng library.

--------------------------------------------------------------------------------
Update Information:

Update to libpng-1.6.53, fixes CVE-2025-66293 and CVE-2025-64505.
--------------------------------------------------------------------------------
ChangeLog:

* Sat Dec 13 2025 Sandro Mani [manisandro@gmail.com] - 1.6.53-1
- Update to 1.6.53
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2418425 - CVE-2025-64505 mingw-libpng: LIBPNG heap buffer overflow via malformed palette index [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2418425
[ 2 ] Bug #2418739 - CVE-2025-66293 mingw-libpng: LIBPNG out-of-bounds read in png_image_read_composite [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2418739
[ 3 ] Bug #2418750 - CVE-2025-66293 mingw-libpng: LIBPNG out-of-bounds read in png_image_read_composite [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2418750
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-dbd70402f4' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 43 Update: gobuster-3.8.2-1.fc43


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-723b7f2990
2025-12-22 00:51:48.774336+00:00
--------------------------------------------------------------------------------

Name : gobuster
Product : Fedora 43
Version : 3.8.2
Release : 1.fc43
URL : https://github.com/OJ/gobuster
Summary : Directory/File, DNS and VHost busting tool written in Go
Description :
Directory/File, DNS and VHost busting tool written in Go.

--------------------------------------------------------------------------------
Update Information:

Fixes CVE-2025-58188, unretire package and update to 3.8.2.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Dec 5 2025 Emir Akdag [infraw.linux@proton.me] - 3.8.2-1
- Unretire package and update to 3.8.2
- Fix CVE-2025-58188
- Switch to modern go-vendor-tools packaging
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2418895 - Review Request: gobuster - Directory/File, DNS and VHost busting tool written in Go
https://bugzilla.redhat.com/show_bug.cgi?id=2418895
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-723b7f2990' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 43 Update: pgadmin4-9.11-1.fc43


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-c7fd6acdf6
2025-12-22 00:51:48.774308+00:00
--------------------------------------------------------------------------------

Name : pgadmin4
Product : Fedora 43
Version : 9.11
Release : 1.fc43
URL : https://www.pgadmin.org/
Summary : Administration tool for PostgreSQL
Description :
pgAdmin is the most popular and feature rich Open Source administration and development
platform for PostgreSQL, the most advanced Open Source database in the world.

--------------------------------------------------------------------------------
Update Information:

Update to pgadmin-9.11, fixes CVE_2025-13780.
--------------------------------------------------------------------------------
ChangeLog:

* Sat Dec 13 2025 Sandro Mani [manisandro@gmail.com] - 9.11-1
- Update to 9.11
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2421357 - pgadmin4-9.11 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2421357
[ 2 ] Bug #2421495 - CVE-2025-13780 pgadmin4: Remote Code Execution vulnerability when restoring PLAIN-format SQL dumps in server mode [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2421495
[ 3 ] Bug #2421496 - CVE-2025-13780 pgadmin4: Remote Code Execution vulnerability when restoring PLAIN-format SQL dumps in server mode [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2421496
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-c7fd6acdf6' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 43 Update: moby-engine-29.1.3-1.fc43


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-d39f46567c
2025-12-22 00:51:48.774296+00:00
--------------------------------------------------------------------------------

Name : moby-engine
Product : Fedora 43
Version : 29.1.3
Release : 1.fc43
URL : https://github.com/moby/moby
Summary : The open-source application container engine
Description :
Docker is an open source project to build, ship and run any application as a
lightweight container.

Docker containers are both hardware-agnostic and platform-agnostic. This means
they can run anywhere, from your laptop to the largest EC2 compute instance and
everything in between ??? and they do not require you to use a particular
language, framework or packaging system. That makes them great building blocks
for deploying and scaling web apps, databases, and backend services without
depending on a particular stack or provider.

--------------------------------------------------------------------------------
Update Information:

Update to release v29.1.3
Resolves: rhbz#2417969
Resolves CVE-2024-25621: rhbz#2419019, rhbz#2419046, rhbz#2419442
Upstream new features and fixes
--------------------------------------------------------------------------------
ChangeLog:

* Fri Dec 12 2025 Bradley G Smith [bradley.g.smith@gmail.com] - 29.1.3-1
- Update to release v29.1.3
- Resolves: rhbz#2417969
- Resolves CVE-2024-25621: rhbz#2419019, rhbz#2419046, rhbz#2419442
- Upstream new features and fixes
* Tue Dec 2 2025 Bradley G Smith [bradley.g.smith@gmail.com] - 29.1.2-1
- Update to release v29.1.2
- Resolves: rhbz#2417969
- Upstream new features and fixes
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2417969 - moby-engine-29.1.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2417969
[ 2 ] Bug #2419019 - CVE-2024-25621 moby-engine: containerd local privilege escalation [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2419019
[ 3 ] Bug #2419046 - CVE-2024-25621 moby-engine: containerd local privilege escalation [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2419046
[ 4 ] Bug #2419442 - CVE-2024-25621 moby-engine: containerd local privilege escalation [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2419442
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-d39f46567c' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Ventoy 1.1.10 released

Kernel, Git-LFS, Webkit2GTK3, and more updates for RHEL

Windows

Linux

macOS

Community

  • SeveG
    need some help here... situationPC= Packard BellOS= win1 ...
  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...