Fedora 42 Update: python-pdfminer-20240706-5.fc42
Fedora 42 Update: libsodium-1.0.21-2.fc42
Fedora 42 Update: wasmedge-0.15.0-4.fc42
Fedora 42 Update: nginx-1.28.1-3.fc42
[SECURITY] Fedora 42 Update: python-pdfminer-20240706-5.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-4686d11563
2026-01-11 00:54:21.425444+00:00
--------------------------------------------------------------------------------
Name : python-pdfminer
Product : Fedora 42
Version : 20240706
Release : 5.fc42
URL : https://github.com/pdfminer/pdfminer.six
Summary : Tool for extracting information from PDF documents
Description :
Pdfminer.six is a community maintained fork of the original PDFMiner. It is a
tool for extracting information from PDF documents. It focuses on getting and
analyzing text data. Pdfminer.six extracts the text from a page directly from
the sourcecode of the PDF. It can also be used to get the exact location, font
or color of the text.
It is built in a modular way such that each component of pdfminer.six can be
replaced easily. You can implement your own interpreter or rendering device
that uses the power of pdfminer.six for other purposes than text analysis.
Check out the full documentation on Read the Docs
( https://pdfminersix.readthedocs.io/).
Features:
??? Written entirely in Python.
??? Parse, analyze, and convert PDF documents.
??? PDF-1.7 specification support. (well, almost).
??? CJK languages and vertical writing scripts support.
??? Various font types (Type1, TrueType, Type3, and CID) support.
??? Support for extracting images (JPG, JBIG2, Bitmaps).
??? Support for various compressions (ASCIIHexDecode, ASCII85Decode, LZWDecode,
FlateDecode, RunLengthDecode, CCITTFaxDecode)
??? Support for RC4 and AES encryption.
??? Support for AcroForm interactive form extraction.
??? Table of contents extraction.
??? Tagged contents extraction.
??? Automatic layout analysis.
--------------------------------------------------------------------------------
Update Information:
Backport fix for CVE-2025-64512 / GHSA-wf5f-4jwr-ppcp
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 2 2026 Benjamin A. Beasley [code@musicinmybrain.net] - 20240706-5
- Backport fix for CVE-2025-64512 / GHSA-wf5f-4jwr-ppcp
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-4686d11563' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
[SECURITY] Fedora 42 Update: libsodium-1.0.21-2.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-b7217393db
2026-01-11 00:54:21.425450+00:00
--------------------------------------------------------------------------------
Name : libsodium
Product : Fedora 42
Version : 1.0.21
Release : 2.fc42
URL : https://libsodium.org/
Summary : The Sodium crypto library
Description :
Sodium is a new, easy-to-use software library for encryption, decryption,
signatures, password hashing and more. It is a portable, cross-compilable,
installable, packageable fork of NaCl, with a compatible API, and an extended
API to improve usability even further. Its goal is to provide all of the core
operations needed to build higher-level cryptographic tools. The design
choices emphasize security, and "magic constants" have clear rationales.
The same cannot be said of NIST curves, where the specific origins of certain
constants are not described by the standards. And despite the emphasis on
higher security, primitives are faster across-the-board than most
implementations of the NIST standards.
--------------------------------------------------------------------------------
Update Information:
Version 1.0.21
This point release includes all the changes from 1.0.20-stable, which
include a security fix for the crypto_core_ed25519_is_valid_point()
function, as well as two new sets of functions:
The new crypto_ipcrypt_* functions implement mechanisms for securely
encrypting and anonymizing IP addresses as specified in https://ipcrypt-
std.github.io
The sodium_bin2ip and sodium_ip2bin helper functions have been added
to complement the crypto_ipcrypt_* functions and easily convert addresses
between bytes and strings.
XOF: the crypto_xof_shake* and crypto_xof_turboshake* functions
are standard extendable output functions. From input of any length, they can
derive output of any length with the same properties as hash functions. These
primitives are required by many post-quantum mechanisms, but can also be used
for a wide range of applications, including key derivation, session encryption
and more.
Version 1.0.20-stable
XCFramework: cross-compilation is now forced on Apple Silicon to
avoid Rosetta-related build issues
The Fil-C compiler is supported out of the box
The CompCert compiler is supported out of the box
MSVC 2026 (Visual Studio 2026) is now supported
Zig builds now support FreeBSD targets
Performance of AES256-GCM and AEGIS on ARM has been improved
with some compilers
Android binaries have been added to the NuGet package
Windows ARM binaries have been added to the NuGet package
The Android build script has been improved. The base SDK is
now 27c, and the default platform is 21, supporting 16 KB page sizes.
The library can now be compiled with Zig 0.15 and Zig 0.16
Zig builds now generate position-independent static libraries by
default on targets that support PIC
arm64e builds have been added to the XCFramework packages
XCFramework packages are now full builds instead of minimal
builds
MSVC builds have been enabled for ARM64
iOS 32-bit (armv7/armv7s) support has been removed from the
XCFramework build script
Security: optblockers have been introduced in critical code paths
to prevent compilers from introducing unwanted side channels via
conditional jumps. This was observed on RISC-V targets with specific
compilers and options.
Security: crypto_core_ed25519_is_valid_point() now properly
rejects small-order points that are not in the main subgroup
((nonnull)) attributes have been relaxed on some crypto_stream*
functions to allow NULL output buffers when the output length is zero
A cross-compilation issue with old clang versions has been
fixed
JavaScript: support for Cloudflare Workers has been added
JavaScript: WASM_BIGINT is forcibly disabled to retain
compatibility with older runtimes
A compilation issue with old toolchains on Solaris has been
fixed
crypto_aead_aes256gcm_is_available is exported to JavaScript
libsodium is now compatible with Emscripten 4.x
Security: memory fences have been added after MAC verification in
AEAD to prevent speculative access to plaintext before authentication
is complete
Assembly files now include .gnu.property notes for proper IBT and
Shadow Stack support when building with CET instrumentation
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 7 2026 Remi Collet [remi@remirepo.net] - 1.0.21-2
- fix aarch64 build failure using upstream patch
* Wed Jan 7 2026 Remi Collet [remi@remirepo.net] - 1.0.21-1
- update to 1.0.21
- open https://github.com/jedisct1/libsodium/discussions/1503 build failure on aarch64
- workaround build failure using -flax-vector-conversions on aarch64
- Add missing SPDX identifiers to license field
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2426617 - CVE-2025-69277 libsodium: libsodium: Improper validation of elliptic curve points could lead to data integrity or information disclosure. [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2426617
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-b7217393db' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: wasmedge-0.15.0-4.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-de1151d09b
2026-01-11 00:54:21.425419+00:00
--------------------------------------------------------------------------------
Name : wasmedge
Product : Fedora 42
Version : 0.15.0
Release : 4.fc42
URL : https://github.com/WasmEdge/WasmEdge
Summary : High performance WebAssembly Virtual Machine
Description :
High performance WebAssembly Virtual Machine
--------------------------------------------------------------------------------
Update Information:
Backport fix for CVE-2025-22921
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 2 2026 dm4 [dm4@secondstate.io] - 0.15.0-4
- Backport fix for CVE-2025-22921
* Fri Jan 2 2026 dm4 [dm4@secondstate.io] - 0.15.0-3
- Remove the unused patch file
* Mon Dec 15 2025 Marcin Juszkiewicz [marcin@juszkiewicz.com.pl] - 0.15.0-2
- enable RISC-V 64-bit port
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2426612 - CVE-2025-69261 wasmedge: WasmEdge: Denial of Service via incorrect memory access [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2426612
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-de1151d09b' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: nginx-1.28.1-3.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-8b992398d3
2026-01-11 00:54:21.425399+00:00
--------------------------------------------------------------------------------
Name : nginx
Product : Fedora 42
Version : 1.28.1
Release : 3.fc42
URL : https://nginx.org
Summary : A high performance web server and reverse proxy server
Description :
Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and
IMAP protocols, with a strong focus on high concurrency, performance and low
memory usage.
--------------------------------------------------------------------------------
Update Information:
cleanups and fixes
remove RHEL 7 compatibility
add RHEL 9 compatibility and EOL comments
restore RHEL 8 compatibility
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 2 2026 Felix Kaechele [felix@kaechele.ca] - 2:1.28.1-3
- cleanups and fixes
- remove RHEL 7 compatibility
- add RHEL 9 compatibility and EOL comments
- restore RHEL 8 compatibility
* Sat Dec 27 2025 Aleksei Bavshin [alebastr@fedoraproject.org] - 2:1.28.1-2
- Fix crash in stream SSL configuration (rhbz#2421955)
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-8b992398d3' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
