
Fedora 42 has received several security updates. The python3.9, python3.10 and python3.11 packages move to 3.9.24, 3.10.19 and 3.11.14, addressing CVE-2025-6069, CVE-2025-8194, and CVE-2025-8291. The mingw-binutils package backports fixes for CVE-2025-11082, CVE-2025-11083, CVE-2025-11494, and CVE-2025-11495. Also updated are complyctl (a compliance assessment tool) and suricata (an intrusion detection system), whose advisories reference CVE-2025-47906 and CVE-2025-59147 respectively.

Fedora 42 Update: python3.9-3.9.24-1.fc42
Fedora 42 Update: python3.10-3.10.19-1.fc42
Fedora 42 Update: python3.11-3.11.14-1.fc42
Fedora 42 Update: mingw-binutils-2.43.1-5.fc42
Fedora 42 Update: complyctl-0.1.0-1.fc42
Fedora 42 Update: suricata-7.0.12-1.fc42




[SECURITY] Fedora 42 Update: python3.9-3.9.24-1.fc42


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-1995db5517
2025-10-19 02:36:31.438236+00:00
--------------------------------------------------------------------------------

Name : python3.9
Product : Fedora 42
Version : 3.9.24
Release : 1.fc42
URL : https://www.python.org/
Summary : Version 3.9 of the Python interpreter
Description :
Python 3.9 package for developers.

This package exists to allow developers to test their code against an older
version of Python. This is not a full Python stack and if you wish to run
your applications with Python 3.9, see other distributions
that support it, such as CentOS or RHEL or older Fedora releases.

--------------------------------------------------------------------------------
Update Information:

Update to Python 3.9.24
--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct 10 2025 Karolina Surma [ksurma@redhat.com] - 3.9.24-1
- Update to Python 3.9.24
* Fri Jul 25 2025 Fedora Release Engineering [releng@fedoraproject.org] - 3.9.23-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2373253 - CVE-2025-6069 python3.9: Python HTMLParser quadratic complexity [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2373253
[ 2 ] Bug #2384081 - CVE-2025-8194 python3.9: Cpython infinite loop when parsing a tarfile [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2384081
[ 3 ] Bug #2402877 - CVE-2025-8291 python3.9: Python zipfile End of Central Directory (EOCD) Locator record offset not checked [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2402877
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-1995db5517' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 42 Update: python3.10-3.10.19-1.fc42


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-72bbdc5a1e
2025-10-19 02:36:31.438233+00:00
--------------------------------------------------------------------------------

Name : python3.10
Product : Fedora 42
Version : 3.10.19
Release : 1.fc42
URL : https://www.python.org/
Summary : Version 3.10 of the Python interpreter
Description :
Python 3.10 is an accessible, high-level, dynamically typed, interpreted
programming language, designed with an emphasis on code readability.
It includes an extensive standard library, and has a vast ecosystem of
third-party libraries.

The python3.10 package provides the "python3.10" executable: the reference
interpreter for the Python language, version 3.
The majority of its standard library is provided in the python3.10-libs package,
which should be installed automatically along with python3.10.
The remaining parts of the Python standard library are broken out into the
python3.10-tkinter and python3.10-test packages, which may need to be installed
separately.

Documentation for Python is provided in the python3.10-docs package.

Packages containing additional libraries for Python are generally named with
the "python3.10-" prefix.

--------------------------------------------------------------------------------
Update Information:

Update to Python 3.10.19
--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct 10 2025 Karolina Surma [ksurma@redhat.com] - 3.10.19-1
- Update to Python 3.10.19
* Fri Jul 25 2025 Fedora Release Engineering [releng@fedoraproject.org] - 3.10.18-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2373247 - CVE-2025-6069 python3.10: Python HTMLParser quadratic complexity [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2373247
[ 2 ] Bug #2384075 - CVE-2025-8194 python3.10: Cpython infinite loop when parsing a tarfile [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2384075
[ 3 ] Bug #2402871 - CVE-2025-8291 python3.10: Python zipfile End of Central Directory (EOCD) Locator record offset not checked [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2402871
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-72bbdc5a1e' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

--------------------------------------------------------------------------------

--



[SECURITY] Fedora 42 Update: python3.11-3.11.14-1.fc42


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-bcb7f16d26
2025-10-19 02:36:31.438230+00:00
--------------------------------------------------------------------------------

Name : python3.11
Product : Fedora 42
Version : 3.11.14
Release : 1.fc42
URL : https://www.python.org/
Summary : Version 3.11 of the Python interpreter
Description :
Python 3.11 is an accessible, high-level, dynamically typed, interpreted
programming language, designed with an emphasis on code readability.
It includes an extensive standard library, and has a vast ecosystem of
third-party libraries.

The python3.11 package provides the "python3.11" executable: the reference
interpreter for the Python language, version 3.
The majority of its standard library is provided in the python3.11-libs package,
which should be installed automatically along with python3.11.
The remaining parts of the Python standard library are broken out into the
python3.11-tkinter and python3.11-test packages, which may need to be installed
separately.

Documentation for Python is provided in the python3.11-docs package.

Packages containing additional libraries for Python are generally named with
the "python3.11-" prefix.

--------------------------------------------------------------------------------
Update Information:

Update to 3.11.14
--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct 10 2025 Karolina Surma [ksurma@redhat.com] - 3.11.14-1
- Update to 3.11.14
* Fri Jul 25 2025 Fedora Release Engineering [releng@fedoraproject.org] - 3.11.13-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2373248 - CVE-2025-6069 python3.11: Python HTMLParser quadratic complexity [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2373248
[ 2 ] Bug #2384076 - CVE-2025-8194 python3.11: Cpython infinite loop when parsing a tarfile [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2384076
[ 3 ] Bug #2402872 - CVE-2025-8291 python3.11: Python zipfile End of Central Directory (EOCD) Locator record offset not checked [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2402872
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-bcb7f16d26' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

--------------------------------------------------------------------------------

--



[SECURITY] Fedora 42 Update: mingw-binutils-2.43.1-5.fc42


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-10c80b93e9
2025-10-19 02:36:31.438220+00:00
--------------------------------------------------------------------------------

Name : mingw-binutils
Product : Fedora 42
Version : 2.43.1
Release : 5.fc42
URL : http://www.gnu.org/software/binutils/
Summary : Cross-compiled version of binutils for Win32 and Win64 environments
Description :
Cross compiled binutils (utilities like 'strip', 'as', 'ld') which
understand Windows executables and DLLs.

--------------------------------------------------------------------------------
Update Information:

Backport fixes for CVE-2025-11082, CVE-2025-11083, CVE-2025-11494,
CVE-2025-11495.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct 10 2025 Sandro Mani [manisandro@gmail.com] - 2.43.1-5
- Backport fixes for CVE-2025-11494, CVE-2025-11495, CVE-2025-11082, CVE-2025-11083
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2400354 - CVE-2025-11083 mingw-binutils: GNU Binutils Linker heap-based overflow [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2400354
[ 2 ] Bug #2400358 - CVE-2025-11082 mingw-binutils: GNU Binutils Linker heap-based overflow [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2400358
[ 3 ] Bug #2402845 - CVE-2025-11495 mingw-binutils: GNU Binutils Linker heap-based overflow [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2402845
[ 4 ] Bug #2402848 - CVE-2025-11494 mingw-binutils: GNU Binutils Linker out-of-bounds read [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2402848
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-10c80b93e9' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

--------------------------------------------------------------------------------

--



[SECURITY] Fedora 42 Update: complyctl-0.1.0-1.fc42


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-ff84d4bc22
2025-10-19 02:36:31.438172+00:00
--------------------------------------------------------------------------------

Name : complyctl
Product : Fedora 42
Version : 0.1.0
Release : 1.fc42
URL : https://github.com/complytime/complyctl
Summary : Tool to perform compliance assessment activities, scaled by plugins
Description :
complyctl leverages OSCAL to perform compliance assessment activities, using
plugins for each stage of the life-cycle.

--------------------------------------------------------------------------------
Update Information:

First minor release of complyctl - a new command-line interface for Fedora
compliance assessment.
It features a decoupled plug-in architecture for flexibility, and generates
standardized, machine-readable data using OSCAL.
Complyctl main commands released: list, info, plan, generate and scan.
More details: https://github.com/complytime/complyctl/releases/tag/v0.1.0
--------------------------------------------------------------------------------
ChangeLog:

* Thu Oct 2 2025 Packit [hello@packit.dev] - 0.1.0-1
- Update to version 0.1.0
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2399329 - CVE-2025-47906 complyctl: Unexpected paths returned from LookPath in os/exec [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2399329
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-ff84d4bc22' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

--------------------------------------------------------------------------------

--



[SECURITY] Fedora 42 Update: suricata-7.0.12-1.fc42


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-806d377171
2025-10-19 02:36:31.438165+00:00
--------------------------------------------------------------------------------

Name : suricata
Product : Fedora 42
Version : 7.0.12
Release : 1.fc42
URL : https://suricata.io/
Summary : Intrusion Detection System
Description :
The Suricata Engine is an Open Source Next Generation Intrusion
Detection and Prevention Engine. This engine is not intended to
just replace or emulate the existing tools in the industry, but
will bring new ideas and technologies to the field. This new Engine
supports Multi-threading, Automatic Protocol Detection (IP, TCP,
UDP, ICMP, HTTP, TLS, FTP and SMB! ), Gzip Decompression, Fast IP
Matching, and GeoIP identification.

--------------------------------------------------------------------------------
Update Information:

Upstream security and bugfix release
--------------------------------------------------------------------------------
ChangeLog:

* Sun Oct 5 2025 Jason Taylor [jtfas90@proton.me] 7.0.12-1
- New security and bugfix release
- Resolves CVE-2025-59147
- Update spec project URI
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2400928 - CVE-2025-59147 suricata: Suricata is Vulnerable to Detection Bypass via Crafted Multiple SYN Packets [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2400928
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-806d377171' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

--------------------------------------------------------------------------------

--