Fedora 41 Update: php-adodb-5.22.9-1.fc41
Fedora 41 Update: nodejs22-22.15.0-2.fc41
Fedora 41 Update: deluge-2.2.0-1.fc41
Fedora 41 Update: python-h11-0.14.0-7.fc41
Fedora 40 Update: chromium-136.0.7103.92-1.fc40
Fedora 40 Update: php-adodb-5.22.9-1.fc40
Fedora 40 Update: nodejs22-22.15.0-2.fc40
Fedora 40 Update: python-h11-0.14.0-7.fc40
Fedora 42 Update: php-adodb-5.22.9-1.fc42
Fedora 42 Update: deluge-2.2.0-1.fc42
Fedora 42 Update: nodejs22-22.15.0-2.fc42
Fedora 42 Update: python-h11-0.14.0-7.fc42
[SECURITY] Fedora 41 Update: php-adodb-5.22.9-1.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-a32ccde763
2025-05-11 02:30:35.179693+00:00
--------------------------------------------------------------------------------
Name : php-adodb
Product : Fedora 41
Version : 5.22.9
Release : 1.fc41
URL : http://adodb.org
Summary : Database abstraction layer for PHP
Description :
ADOdb is an object oriented library written in PHP that abstracts database
operations for portability. It is modelled on Microsoft's ADO, but has many
improvements that make it unique (eg. pivot tables, Active Record support,
generating HTML for paging recordsets with next and previous links, cached
recordsets, HTML menu generation, etc).
ADOdb hides the differences between the different databases so you can easily
switch DBs without changing code.
--------------------------------------------------------------------------------
Update Information:
5.22.9
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 2 2025 Gwyn Ciesla [gwync@protonmail.com] - 5.22.9-1
- 5.22.9
* Sat Jan 18 2025 Fedora Release Engineering [releng@fedoraproject.org] - 5.22.7-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2363627 - CVE-2025-46337 php-adodb: SQL injection in ADOdb PostgreSQL driver pg_insert_id() method [epel-8]
https://bugzilla.redhat.com/show_bug.cgi?id=2363627
[ 2 ] Bug #2363628 - CVE-2025-46337 php-adodb: SQL injection in ADOdb PostgreSQL driver pg_insert_id() method [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2363628
[ 3 ] Bug #2363629 - CVE-2025-46337 php-adodb: SQL injection in ADOdb PostgreSQL driver pg_insert_id() method [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2363629
[ 4 ] Bug #2363630 - CVE-2025-46337 php-adodb: SQL injection in ADOdb PostgreSQL driver pg_insert_id() method [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2363630
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-a32ccde763' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 41 Update: nodejs22-22.15.0-2.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-2c1f4c46d0
2025-05-11 02:30:35.179677+00:00
--------------------------------------------------------------------------------
Name : nodejs22
Product : Fedora 41
Version : 22.15.0
Release : 2.fc41
URL : http://nodejs.org/
Summary : JavaScript runtime
Description :
Node.js is a platform built on Chrome's JavaScript runtime \
for easily building fast, scalable network applications. \
Node.js uses an event-driven, non-blocking I/O model that \
makes it lightweight and efficient, perfect for data-intensive \
real-time applications that run across distributed devices.}
--------------------------------------------------------------------------------
Update Information:
Update to version 22.15.0
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 30 2025 tjuhasz [tjuhasz@redhat.com] - 1:22.15.0-2
- Fix test run by adding library path
* Mon Apr 28 2025 tjuhasz [tjuhasz@redhat.com] - 1:22.15.0-1
- Update to version 22.15.0 (rhbz#2361835)
* Wed Apr 23 2025 tjuhasz [tjuhasz@redhat.com] - 1:22.14.0-9
- Remove unused functions from spec file and template
* Tue Apr 15 2025 Tomas Juhasz [tjuhasz@redhat.com] - 1:22.14.0-8
- RPMAUTOSPEC: unresolvable merge
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2358568 - CVE-2025-31498 nodejs22: c-ares has a use-after-free in read_answers() [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2358568
[ 2 ] Bug #2358571 - CVE-2025-31498 nodejs22: c-ares has a use-after-free in read_answers() [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2358571
[ 3 ] Bug #2361835 - nodejs22-22.15.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2361835
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-2c1f4c46d0' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 41 Update: deluge-2.2.0-1.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-d23a07ad00
2025-05-11 02:30:35.179683+00:00
--------------------------------------------------------------------------------
Name : deluge
Product : Fedora 41
Version : 2.2.0
Release : 1.fc41
URL : http://deluge-torrent.org/
Summary : A GTK+ BitTorrent client with support for DHT, UPnP, and PEX
Description :
Deluge is a new BitTorrent client, created using Python and GTK+. It is
intended to bring a native, full-featured client to Linux GTK+ desktop
environments such as GNOME and XFCE. It supports features such as DHT
(Distributed Hash Tables), PEX (??Torrent-compatible Peer Exchange), and UPnP
(Universal Plug-n-Play) that allow one to more easily share BitTorrent data
even from behind a router with virtually zero configuration of port-forwarding.
--------------------------------------------------------------------------------
Update Information:
https://deluge.readthedocs.io/en/deluge-2.2.0/changelog.html
2.2.0 (2025-04-28)
Breaking changes
Removed Python 3.6 support (Python >= 3.7)
Core
Fix GHSL-2024-189 - insecure HTTP for new version check.
Fix alert handler segfault.
Add support for creating v2 torrents.
GTK UI
Fix changing torrent ownership.
Fix upper limit of upload/download in Add Torrent dialog.
Fix #3339 - Resizing window crashes with Piecesbar or Stats plugin.
Fix #3350 - Unable to use quick search.
Fix #3598 - Missing AppIndicator option in Preferences.
Set Appindicator as default for tray icon on Linux.
Add feature to switch between dark/light themes.
Web UI
Fix GHSL-2024-191 - potential flag endpoint path traversal.
Fix GHSL-2024-188 - js script dir traversal vulnerability.
Fix GHSL-2024-190 - insecure tracker icon endpoint.
Fix unable to stop daemon in connection manager.
Fix responsiveness to avoid ???Connection lost???.
Add support for network interface name as well as IP address.
Add ability to change UI theme.
Console UI
Fix ???rm??? and ???move??? commands hanging when done.
Fix #3538 - Unable to add host in connection manager.
Disable interactive-mode on Windows.
UI library
Fix tracker icon display by converting to png format.
Fix splitting trackers by newline
Add clickable URLs for torrent comment and tracker status.
Label
Fix torrent deletion not removed from config.
Fix label display name in submenu.
AutoAdd
Fix #3515 - Torrent file decoding errors disabled watch folder.
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 1 2025 Michael Cronenworth [mike@cchtml.com] - 2.2.0-1
- Version update
* Tue Feb 11 2025 Zbigniew J??drzejewski-Szmek [zbyszek@in.waw.pl] - 2.1.1-12
- Add sysusers.d config file to allow rpm to create users/groups automatically
* Thu Jan 16 2025 Fedora Release Engineering [releng@fedoraproject.org] - 2.1.1-11
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2363230 - deluge-2.2.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2363230
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-d23a07ad00' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
[SECURITY] Fedora 41 Update: python-h11-0.14.0-7.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-2fd25cfb83
2025-05-11 02:30:35.179655+00:00
--------------------------------------------------------------------------------
Name : python-h11
Product : Fedora 41
Version : 0.14.0
Release : 7.fc41
URL : https://github.com/python-hyper/h11
Summary : A pure-Python, bring-your-own-I/O implementation of HTTP/1.1
Description :
This is a little HTTP/1.1 library written from scratch in Python, heavily
inspired by hyper-h2. It is a "bring-your-own-I/O" library; h11 contains no IO
code whatsoever. This means you can hook h11 up to your favorite network API,
and that could be anything you want: synchronous, threaded, asynchronous, or
your own implementation of RFC 6214 -- h11 will not judge you. This also means
that h11 is not immediately useful out of the box: it is a toolkit for building
programs that speak HTTP, not something that could directly replace requests or
twisted.web or whatever. But h11 makes it much easier to implement something
like requests or twisted.web.
--------------------------------------------------------------------------------
Update Information:
Backport upstream fix for CVE-2025-43859
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 2 2025 Robby Callicotte [rcallicotte@fedoraproject.org] - 0.14.0-7
- Backport upstream fix for CVE-2025-43859
* Sat Jan 18 2025 Fedora Release Engineering [releng@fedoraproject.org] - 0.14.0-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2362286 - CVE-2025-43859 python-h11: h11 accepts some malformed Chunked-Encoding bodies [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2362286
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-2fd25cfb83' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 40 Update: chromium-136.0.7103.92-1.fc40
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-24e77c2676
2025-05-11 01:42:02.655217+00:00
--------------------------------------------------------------------------------
Name : chromium
Product : Fedora 40
Version : 136.0.7103.92
Release : 1.fc40
URL : http://www.chromium.org/Home
Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).
--------------------------------------------------------------------------------
Update Information:
Update to 136.0.7103.92
CVE-2025-4372: Use after free in WebAudio
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 7 2025 Than Ngo [than@redhat.com] - 136.0.7103.92-1
- Update to 136.0.7103.92
* CVE-2025-4372: Use after free in WebAudio
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2364609 - CVE-2025-4372 chromium: Use after free in WebAudio [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2364609
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-24e77c2676' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 40 Update: php-adodb-5.22.9-1.fc40
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-101800c1e1
2025-05-11 01:42:02.655196+00:00
--------------------------------------------------------------------------------
Name : php-adodb
Product : Fedora 40
Version : 5.22.9
Release : 1.fc40
URL : http://adodb.org
Summary : Database abstraction layer for PHP
Description :
ADOdb is an object oriented library written in PHP that abstracts database
operations for portability. It is modelled on Microsoft's ADO, but has many
improvements that make it unique (eg. pivot tables, Active Record support,
generating HTML for paging recordsets with next and previous links, cached
recordsets, HTML menu generation, etc).
ADOdb hides the differences between the different databases so you can easily
switch DBs without changing code.
--------------------------------------------------------------------------------
Update Information:
5.22.9
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 2 2025 Gwyn Ciesla [gwync@protonmail.com] - 5.22.9-1
- 5.22.9
* Sat Jan 18 2025 Fedora Release Engineering [releng@fedoraproject.org] - 5.22.7-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
* Fri Jul 19 2024 Fedora Release Engineering [releng@fedoraproject.org] - 5.22.7-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2363627 - CVE-2025-46337 php-adodb: SQL injection in ADOdb PostgreSQL driver pg_insert_id() method [epel-8]
https://bugzilla.redhat.com/show_bug.cgi?id=2363627
[ 2 ] Bug #2363628 - CVE-2025-46337 php-adodb: SQL injection in ADOdb PostgreSQL driver pg_insert_id() method [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2363628
[ 3 ] Bug #2363629 - CVE-2025-46337 php-adodb: SQL injection in ADOdb PostgreSQL driver pg_insert_id() method [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2363629
[ 4 ] Bug #2363630 - CVE-2025-46337 php-adodb: SQL injection in ADOdb PostgreSQL driver pg_insert_id() method [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2363630
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-101800c1e1' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 40 Update: nodejs22-22.15.0-2.fc40
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-3eb5235527
2025-05-11 01:42:02.655185+00:00
--------------------------------------------------------------------------------
Name : nodejs22
Product : Fedora 40
Version : 22.15.0
Release : 2.fc40
URL : http://nodejs.org/
Summary : JavaScript runtime
Description :
Node.js is a platform built on Chrome's JavaScript runtime \
for easily building fast, scalable network applications. \
Node.js uses an event-driven, non-blocking I/O model that \
makes it lightweight and efficient, perfect for data-intensive \
real-time applications that run across distributed devices.}
--------------------------------------------------------------------------------
Update Information:
Update to version 22.15.0
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 30 2025 tjuhasz [tjuhasz@redhat.com] - 1:22.15.0-2
- Fix test run by adding library path
* Mon Apr 28 2025 tjuhasz [tjuhasz@redhat.com] - 1:22.15.0-1
- Update to version 22.15.0 (rhbz#2361835)
* Wed Apr 23 2025 tjuhasz [tjuhasz@redhat.com] - 1:22.14.0-9
- Remove unused functions from spec file and template
* Tue Apr 15 2025 Tomas Juhasz [tjuhasz@redhat.com] - 1:22.14.0-8
- RPMAUTOSPEC: unresolvable merge
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2358568 - CVE-2025-31498 nodejs22: c-ares has a use-after-free in read_answers() [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2358568
[ 2 ] Bug #2358571 - CVE-2025-31498 nodejs22: c-ares has a use-after-free in read_answers() [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2358571
[ 3 ] Bug #2361835 - nodejs22-22.15.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2361835
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-3eb5235527' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 40 Update: python-h11-0.14.0-7.fc40
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-bd59b39ab6
2025-05-11 01:42:02.655172+00:00
--------------------------------------------------------------------------------
Name : python-h11
Product : Fedora 40
Version : 0.14.0
Release : 7.fc40
URL : https://github.com/python-hyper/h11
Summary : A pure-Python, bring-your-own-I/O implementation of HTTP/1.1
Description :
This is a little HTTP/1.1 library written from scratch in Python, heavily
inspired by hyper-h2. It is a "bring-your-own-I/O" library; h11 contains no IO
code whatsoever. This means you can hook h11 up to your favorite network API,
and that could be anything you want: synchronous, threaded, asynchronous, or
your own implementation of RFC 6214 -- h11 will not judge you. This also means
that h11 is not immediately useful out of the box: it is a toolkit for building
programs that speak HTTP, not something that could directly replace requests or
twisted.web or whatever. But h11 makes it much easier to implement something
like requests or twisted.web.
--------------------------------------------------------------------------------
Update Information:
Backport upstream fix for CVE-2025-43859
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 2 2025 Robby Callicotte [rcallicotte@fedoraproject.org] - 0.14.0-7
- Backport upstream fix for CVE-2025-43859
* Sat Jan 18 2025 Fedora Release Engineering [releng@fedoraproject.org] - 0.14.0-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
* Fri Jul 19 2024 Fedora Release Engineering [releng@fedoraproject.org] - 0.14.0-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Fri Jun 7 2024 Python Maint - 0.14.0-4
- Rebuilt for Python 3.13
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2362285 - CVE-2025-43859 python-h11: h11 accepts some malformed Chunked-Encoding bodies [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2362285
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-bd59b39ab6' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: php-adodb-5.22.9-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-118f6569ff
2025-05-11 01:15:12.231763+00:00
--------------------------------------------------------------------------------
Name : php-adodb
Product : Fedora 42
Version : 5.22.9
Release : 1.fc42
URL : http://adodb.org
Summary : Database abstraction layer for PHP
Description :
ADOdb is an object oriented library written in PHP that abstracts database
operations for portability. It is modelled on Microsoft's ADO, but has many
improvements that make it unique (eg. pivot tables, Active Record support,
generating HTML for paging recordsets with next and previous links, cached
recordsets, HTML menu generation, etc).
ADOdb hides the differences between the different databases so you can easily
switch DBs without changing code.
--------------------------------------------------------------------------------
Update Information:
5.22.9
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 2 2025 Gwyn Ciesla [gwync@protonmail.com] - 5.22.9-1
- 5.22.9
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2363627 - CVE-2025-46337 php-adodb: SQL injection in ADOdb PostgreSQL driver pg_insert_id() method [epel-8]
https://bugzilla.redhat.com/show_bug.cgi?id=2363627
[ 2 ] Bug #2363628 - CVE-2025-46337 php-adodb: SQL injection in ADOdb PostgreSQL driver pg_insert_id() method [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2363628
[ 3 ] Bug #2363629 - CVE-2025-46337 php-adodb: SQL injection in ADOdb PostgreSQL driver pg_insert_id() method [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2363629
[ 4 ] Bug #2363630 - CVE-2025-46337 php-adodb: SQL injection in ADOdb PostgreSQL driver pg_insert_id() method [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2363630
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-118f6569ff' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: deluge-2.2.0-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-1c57e21dac
2025-05-11 01:15:12.231753+00:00
--------------------------------------------------------------------------------
Name : deluge
Product : Fedora 42
Version : 2.2.0
Release : 1.fc42
URL : http://deluge-torrent.org/
Summary : A GTK+ BitTorrent client with support for DHT, UPnP, and PEX
Description :
Deluge is a new BitTorrent client, created using Python and GTK+. It is
intended to bring a native, full-featured client to Linux GTK+ desktop
environments such as GNOME and XFCE. It supports features such as DHT
(Distributed Hash Tables), PEX (??Torrent-compatible Peer Exchange), and UPnP
(Universal Plug-n-Play) that allow one to more easily share BitTorrent data
even from behind a router with virtually zero configuration of port-forwarding.
--------------------------------------------------------------------------------
Update Information:
https://deluge.readthedocs.io/en/deluge-2.2.0/changelog.html
2.2.0 (2025-04-28)
Breaking changes
Removed Python 3.6 support (Python >= 3.7)
Core
Fix GHSL-2024-189 - insecure HTTP for new version check.
Fix alert handler segfault.
Add support for creating v2 torrents.
GTK UI
Fix changing torrent ownership.
Fix upper limit of upload/download in Add Torrent dialog.
Fix #3339 - Resizing window crashes with Piecesbar or Stats plugin.
Fix #3350 - Unable to use quick search.
Fix #3598 - Missing AppIndicator option in Preferences.
Set Appindicator as default for tray icon on Linux.
Add feature to switch between dark/light themes.
Web UI
Fix GHSL-2024-191 - potential flag endpoint path traversal.
Fix GHSL-2024-188 - js script dir traversal vulnerability.
Fix GHSL-2024-190 - insecure tracker icon endpoint.
Fix unable to stop daemon in connection manager.
Fix responsiveness to avoid ???Connection lost???.
Add support for network interface name as well as IP address.
Add ability to change UI theme.
Console UI
Fix ???rm??? and ???move??? commands hanging when done.
Fix #3538 - Unable to add host in connection manager.
Disable interactive-mode on Windows.
UI library
Fix tracker icon display by converting to png format.
Fix splitting trackers by newline
Add clickable URLs for torrent comment and tracker status.
Label
Fix torrent deletion not removed from config.
Fix label display name in submenu.
AutoAdd
Fix #3515 - Torrent file decoding errors disabled watch folder.
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 1 2025 Michael Cronenworth [mike@cchtml.com] - 2.2.0-1
- Version update
* Tue Feb 11 2025 Zbigniew J??drzejewski-Szmek [zbyszek@in.waw.pl] - 2.1.1-12
- Add sysusers.d config file to allow rpm to create users/groups automatically
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2363230 - deluge-2.2.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2363230
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-1c57e21dac' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
[SECURITY] Fedora 42 Update: nodejs22-22.15.0-2.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-d0dc563a3a
2025-05-11 01:15:12.231737+00:00
--------------------------------------------------------------------------------
Name : nodejs22
Product : Fedora 42
Version : 22.15.0
Release : 2.fc42
URL : http://nodejs.org/
Summary : JavaScript runtime
Description :
Node.js is a platform built on Chrome's JavaScript runtime \
for easily building fast, scalable network applications. \
Node.js uses an event-driven, non-blocking I/O model that \
makes it lightweight and efficient, perfect for data-intensive \
real-time applications that run across distributed devices.}
--------------------------------------------------------------------------------
Update Information:
Update to version 22.15.0
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 30 2025 tjuhasz [tjuhasz@redhat.com] - 1:22.15.0-2
- Fix test run by adding library path
* Mon Apr 28 2025 tjuhasz [tjuhasz@redhat.com] - 1:22.15.0-1
- Update to version 22.15.0 (rhbz#2361835)
* Wed Apr 23 2025 tjuhasz [tjuhasz@redhat.com] - 1:22.14.0-9
- Remove unused functions from spec file and template
* Tue Apr 15 2025 Tomas Juhasz [tjuhasz@redhat.com] - 1:22.14.0-8
- RPMAUTOSPEC: unresolvable merge
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2358568 - CVE-2025-31498 nodejs22: c-ares has a use-after-free in read_answers() [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2358568
[ 2 ] Bug #2358571 - CVE-2025-31498 nodejs22: c-ares has a use-after-free in read_answers() [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2358571
[ 3 ] Bug #2361835 - nodejs22-22.15.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2361835
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-d0dc563a3a' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: python-h11-0.14.0-7.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-d1fffcc084
2025-05-11 01:15:12.231715+00:00
--------------------------------------------------------------------------------
Name : python-h11
Product : Fedora 42
Version : 0.14.0
Release : 7.fc42
URL : https://github.com/python-hyper/h11
Summary : A pure-Python, bring-your-own-I/O implementation of HTTP/1.1
Description :
This is a little HTTP/1.1 library written from scratch in Python, heavily
inspired by hyper-h2. It is a "bring-your-own-I/O" library; h11 contains no IO
code whatsoever. This means you can hook h11 up to your favorite network API,
and that could be anything you want: synchronous, threaded, asynchronous, or
your own implementation of RFC 6214 -- h11 will not judge you. This also means
that h11 is not immediately useful out of the box: it is a toolkit for building
programs that speak HTTP, not something that could directly replace requests or
twisted.web or whatever. But h11 makes it much easier to implement something
like requests or twisted.web.
--------------------------------------------------------------------------------
Update Information:
Backport upstream fix for CVE-2025-43859
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 2 2025 Robby Callicotte [rcallicotte@fedoraproject.org] - 0.14.0-7
- Backport upstream fix for CVE-2025-43859
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2362287 - CVE-2025-43859 python-h11: h11 accepts some malformed Chunked-Encoding bodies [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2362287
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-d1fffcc084' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
