Fedora Linux 8798 Published by

The following security updates have been released for Fedora Linux 40:

[SECURITY] Fedora 40 Update: python3.6-3.6.15-34.fc40
[SECURITY] Fedora 40 Update: python2.7-2.7.18-43.fc40
[SECURITY] Fedora 40 Update: pypy-7.3.16-2.fc40




[SECURITY] Fedora 40 Update: python3.6-3.6.15-34.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-01a020d192
2024-08-13 07:45:30.429750
--------------------------------------------------------------------------------

Name : python3.6
Product : Fedora 40
Version : 3.6.15
Release : 34.fc40
URL : https://www.python.org/
Summary : Version 3.6 of the Python interpreter
Description :
Python 3.6 package for developers.

This package exists to allow developers to test their code against an older
version of Python. This is not a full Python stack and if you wish to run
your applications with Python 3.6, see other distributions
that support it, such as CentOS or RHEL with Software Collections
or older Fedora releases.

--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2024-6345 in the bundled setuptools wheel.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Aug 1 2024 Miro Hrončok - 3.6.15-34
- Security fix for CVE-2024-6345 (in bundled setuptools wheel)
* Tue Jul 23 2024 Lumír Balhar - 3.6.15-33
- Require systemtap-sdt-devel for sys/sdt.h
* Fri Jul 19 2024 Fedora Release Engineering - 3.6.15-32
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2297771 - CVE-2024-6345 pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools
https://bugzilla.redhat.com/show_bug.cgi?id=2297771
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-01a020d192' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------



[SECURITY] Fedora 40 Update: python2.7-2.7.18-43.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-4c8a159e6e
2024-08-13 07:45:30.429729
--------------------------------------------------------------------------------

Name : python2.7
Product : Fedora 40
Version : 2.7.18
Release : 43.fc40
URL : https://www.python.org/
Summary : Version 2.7 of the Python interpreter
Description :
Python 2 is an old version of the language that is incompatible with the 3.x
line of releases. The language is mostly the same, but many details, especially
how built-in objects like dictionaries and strings work, have changed
considerably, and a lot of deprecated features have finally been removed in the
3.x line.

Note that Python 2 is not supported upstream after 2020-01-01, please use the
python3 package instead if you can.

This package also provides the "python2" executable.

--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2024-6345 in the bundled setuptools wheel.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Aug 1 2024 Miro Hrončok - 2.7.18-43
- Security fix for CVE-2024-6345 (in bundled setuptools wheel)
* Mon Jul 22 2024 Lumír Balhar - 2.7.18-42
- Add /usr/bin/dtrace to build deps
* Fri Jul 19 2024 Fedora Release Engineering - 2.7.18-41
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2297771 - CVE-2024-6345 pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools
https://bugzilla.redhat.com/show_bug.cgi?id=2297771
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-4c8a159e6e' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------



[SECURITY] Fedora 40 Update: pypy-7.3.16-2.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-4b0d95b102
2024-08-13 07:45:30.429680
--------------------------------------------------------------------------------

Name : pypy
Product : Fedora 40
Version : 7.3.16
Release : 2.fc40
URL : https://www.pypy.org/
Summary : Python implementation with a Just-In-Time compiler
Description :
PyPy's implementation of Python, featuring a Just-In-Time compiler on some CPU
architectures, and various optimized implementations of the standard types
(strings, dictionaries, etc)


This build of PyPy has JIT-compilation enabled.

--------------------------------------------------------------------------------
Update Information:

Update to 7.3.16
https://doc.pypy.org/en/latest/release-v7.3.16.html#changelog
Security fix for CVE-2024-6345.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Aug 1 2024 Miro Hrončok - 7.3.16-2
- Security fix for CVE-2024-6345 (in bundled setuptools wheel)
- Fixes: rhbz#2298675
* Mon Jul 29 2024 Miro Hrončok - 7.3.16-1
- Update to 7.3.16
- Fixes: rhbz#2276781
* Mon Jul 29 2024 Miro Hrončok - 7.3.15-5
- Fix build with
https://fedoraproject.org/wiki/Changes/OpensslDeprecateEngine
* Fri Jul 19 2024 Fedora Release Engineering - 7.3.15-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2297771 - CVE-2024-6345 pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools
https://bugzilla.redhat.com/show_bug.cgi?id=2297771
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-4b0d95b102' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------