Fedora 41 Update: rust-sevctl-0.6.2-3.fc41
Fedora 41 Update: rust-sev-6.1.0-2.fc41
Fedora 41 Update: rust-kbs-types-0.11.0-1.fc41
Fedora 41 Update: libkrun-1.13.0-1.fc41
Fedora 41 Update: aerc-0.20.1-2.fc41
Fedora 41 Update: python3.12-3.12.11-1.fc41
Fedora 41 Update: python3.11-3.11.13-1.fc41
Fedora 42 Update: rust-sevctl-0.6.2-3.fc42
Fedora 42 Update: rust-kbs-types-0.11.0-1.fc42
Fedora 42 Update: libkrun-1.13.0-1.fc42
Fedora 42 Update: rust-sev-6.1.0-2.fc42
Fedora 42 Update: python3.12-3.12.11-1.fc42
Fedora 42 Update: aerc-0.20.1-3.fc42
Fedora 42 Update: python3.11-3.11.13-1.fc42
[SECURITY] Fedora 41 Update: rust-sevctl-0.6.2-3.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-c53905e83d
2025-06-14 01:51:14.531329+00:00
--------------------------------------------------------------------------------
Name : rust-sevctl
Product : Fedora 41
Version : 0.6.2
Release : 3.fc41
URL : https://crates.io/crates/sevctl
Summary : Administrative utility for AMD SEV
Description :
Administrative utility for AMD SEV.
--------------------------------------------------------------------------------
Update Information:
This release includes improvements and fixes, and updates crossbeam-channel
dependency to address CVE-2025-4574
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 28 2025 Sergio Lopez [slp@redhat.com] - 0.6.2-3
- Regenerate with rust2rpm
* Wed May 28 2025 Sergio Lopez [slp@redhat.com] - 0.6.2-2
- Replace supported-arches with ExclusiveArch
* Wed May 28 2025 Sergio Lopez [slp@redhat.com] - 0.6.2-1
- Update to version 0.6.2 and switch to rust2rpm
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-c53905e83d' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 41 Update: rust-sev-6.1.0-2.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-c53905e83d
2025-06-14 01:51:14.531329+00:00
--------------------------------------------------------------------------------
Name : rust-sev
Product : Fedora 41
Version : 6.1.0
Release : 2.fc41
URL : https://crates.io/crates/sev
Summary : Library for AMD SEV
Description :
Library for AMD SEV.
--------------------------------------------------------------------------------
Update Information:
This release includes improvements and fixes, and updates crossbeam-channel
dependency to address CVE-2025-4574
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 28 2025 Sergio Lopez [slp@redhat.com] - 6.1.0-2
- Drop vendored feature from openssl dep
* Wed May 28 2025 Sergio Lopez [slp@redhat.com] - 6.1.0-1
- Update to version 6.1.0
* Sun Jan 19 2025 Fedora Release Engineering [releng@fedoraproject.org] - 4.0.0-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-c53905e83d' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 41 Update: rust-kbs-types-0.11.0-1.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-c53905e83d
2025-06-14 01:51:14.531329+00:00
--------------------------------------------------------------------------------
Name : rust-kbs-types
Product : Fedora 41
Version : 0.11.0
Release : 1.fc41
URL : https://crates.io/crates/kbs-types
Summary : Rust (de)serializable types for KBS
Description :
Rust (de)serializable types for KBS.
--------------------------------------------------------------------------------
Update Information:
This release includes improvements and fixes, and updates crossbeam-channel
dependency to address CVE-2025-4574
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jun 2 2025 Sergio Lopez [slp@redhat.com] - 0.11.0-1
- Update to version 0.11.0
* Wed May 28 2025 Sergio Lopez [slp@redhat.com] - 0.10.0-1
- Update to version 0.10.0
* Sun Jan 19 2025 Fedora Release Engineering [releng@fedoraproject.org] - 0.8.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-c53905e83d' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 41 Update: libkrun-1.13.0-1.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-c53905e83d
2025-06-14 01:51:14.531329+00:00
--------------------------------------------------------------------------------
Name : libkrun
Product : Fedora 41
Version : 1.13.0
Release : 1.fc41
URL : https://github.com/containers/libkrun
Summary : Dynamic library providing Virtualization-based process isolation capabilities
Description :
Dynamic library providing Virtualization-based process isolation capabilities.
--------------------------------------------------------------------------------
Update Information:
This release includes improvements and fixes, and updates crossbeam-channel
dependency to address CVE-2025-4574
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 4 2025 Sergio Lopez [slp@redhat.com] - 1.13.0-1
- Update to version 1.13.0
* Tue May 20 2025 Sergio Lopez [slp@redhat.com] - 1.12.2-1
- Update to version 1.12.2
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-c53905e83d' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 41 Update: aerc-0.20.1-2.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-5566a46596
2025-06-14 01:51:14.531302+00:00
--------------------------------------------------------------------------------
Name : aerc
Product : Fedora 41
Version : 0.20.1
Release : 2.fc41
URL : https://git.sr.ht/~rjarry/aerc
Summary : Email client for your terminal
Description :
Aerc is an email client that runs in your terminal. It is highly
efficient and extensible, perfect for the discerning hacker.
--------------------------------------------------------------------------------
Update Information:
Fix CVE-2025-49466 (fedora#2370375)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 5 2025 Robin Jarry [robin@jarry.cc] - 0.20.1-2
- Fix CVE-2025-49466 (fedora#2370375)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2370375 - CVE-2025-49466 aerc: Aerc Attachment Path Traversal Vulnerability [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2370375
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-5566a46596' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 41 Update: python3.12-3.12.11-1.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-3436f3d2b4
2025-06-14 01:51:14.531294+00:00
--------------------------------------------------------------------------------
Name : python3.12
Product : Fedora 41
Version : 3.12.11
Release : 1.fc41
URL : https://www.python.org/
Summary : Version 3.12 of the Python interpreter
Description :
Python 3.12 is an accessible, high-level, dynamically typed, interpreted
programming language, designed with an emphasis on code readability.
It includes an extensive standard library, and has a vast ecosystem of
third-party libraries.
The python3.12 package provides the "python3.12" executable: the reference
interpreter for the Python language, version 3.
The majority of its standard library is provided in the python3.12-libs package,
which should be installed automatically along with python3.12.
The remaining parts of the Python standard library are broken out into the
python3.12-tkinter and python3.12-test packages, which may need to be installed
separately.
Documentation for Python is provided in the python3.12-docs package.
Packages containing additional libraries for Python are generally named with
the "python3.12-" prefix.
--------------------------------------------------------------------------------
Update Information:
Update to 3.12.11.
gh-135034: [CVE 2024-12718] [CVE 2025-4138] [CVE 2025-4330] [CVE 2025-4435] [CVE
2025-4517] Fixes multiple issues that allowed tarfile extraction filters
(filter="data" and filter="tar") to be bypassed using crafted symlinks and hard
links.
gh-133767: Fix use-after-free in the ???unicode-escape??? decoder with a
non-???strict??? error handler.
gh-128840: Short-circuit the processing of long IPv6 addresses early in
ipaddress to prevent excessive memory consumption and a minor denial-of-service.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 4 2025 Tom???? Hrn??iar [thrnciar@redhat.com] - 3.12.11-1
- Update to 3.12.11
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-3436f3d2b4' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
[SECURITY] Fedora 41 Update: python3.11-3.11.13-1.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-56b4c0f4c4
2025-06-14 01:51:14.531285+00:00
--------------------------------------------------------------------------------
Name : python3.11
Product : Fedora 41
Version : 3.11.13
Release : 1.fc41
URL : https://www.python.org/
Summary : Version 3.11 of the Python interpreter
Description :
Python 3.11 is an accessible, high-level, dynamically typed, interpreted
programming language, designed with an emphasis on code readability.
It includes an extensive standard library, and has a vast ecosystem of
third-party libraries.
The python3.11 package provides the "python3.11" executable: the reference
interpreter for the Python language, version 3.
The majority of its standard library is provided in the python3.11-libs package,
which should be installed automatically along with python3.11.
The remaining parts of the Python standard library are broken out into the
python3.11-tkinter and python3.11-test packages, which may need to be installed
separately.
Documentation for Python is provided in the python3.11-docs package.
Packages containing additional libraries for Python are generally named with
the "python3.11-" prefix.
--------------------------------------------------------------------------------
Update Information:
Update to 3.11.13.
gh-135034: [CVE 2024-12718] [CVE 2025-4138] [CVE 2025-4330] [CVE 2025-4435] [CVE
2025-4517] Fixes multiple issues that allowed tarfile extraction filters
(filter="data" and filter="tar") to be bypassed using crafted symlinks and hard
links.
gh-133767: Fix use-after-free in the ???unicode-escape??? decoder with a
non-???strict??? error handler.
gh-128840: Short-circuit the processing of long IPv6 addresses early in
ipaddress to prevent excessive memory consumption and a minor denial-of-service.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 4 2025 Tom???? Hrn??iar [thrnciar@redhat.com] - 3.11.13-1
- Update to 3.11.13
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-56b4c0f4c4' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
[SECURITY] Fedora 42 Update: rust-sevctl-0.6.2-3.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-4fc3431dab
2025-06-14 01:09:53.632877+00:00
--------------------------------------------------------------------------------
Name : rust-sevctl
Product : Fedora 42
Version : 0.6.2
Release : 3.fc42
URL : https://crates.io/crates/sevctl
Summary : Administrative utility for AMD SEV
Description :
Administrative utility for AMD SEV.
--------------------------------------------------------------------------------
Update Information:
This release includes improvements and fixes, and updates crossbeam-channel
dependency to address CVE-2025-4574
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 28 2025 Sergio Lopez [slp@redhat.com] - 0.6.2-3
- Regenerate with rust2rpm
* Wed May 28 2025 Sergio Lopez [slp@redhat.com] - 0.6.2-2
- Replace supported-arches with ExclusiveArch
* Wed May 28 2025 Sergio Lopez [slp@redhat.com] - 0.6.2-1
- Update to version 0.6.2 and switch to rust2rpm
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-4fc3431dab' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: rust-kbs-types-0.11.0-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-4fc3431dab
2025-06-14 01:09:53.632877+00:00
--------------------------------------------------------------------------------
Name : rust-kbs-types
Product : Fedora 42
Version : 0.11.0
Release : 1.fc42
URL : https://crates.io/crates/kbs-types
Summary : Rust (de)serializable types for KBS
Description :
Rust (de)serializable types for KBS.
--------------------------------------------------------------------------------
Update Information:
This release includes improvements and fixes, and updates crossbeam-channel
dependency to address CVE-2025-4574
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jun 2 2025 Sergio Lopez [slp@redhat.com] - 0.11.0-1
- Update to version 0.11.0
* Wed May 28 2025 Sergio Lopez [slp@redhat.com] - 0.10.0-1
- Update to version 0.10.0
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-4fc3431dab' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: libkrun-1.13.0-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-4fc3431dab
2025-06-14 01:09:53.632877+00:00
--------------------------------------------------------------------------------
Name : libkrun
Product : Fedora 42
Version : 1.13.0
Release : 1.fc42
URL : https://github.com/containers/libkrun
Summary : Dynamic library providing Virtualization-based process isolation capabilities
Description :
Dynamic library providing Virtualization-based process isolation capabilities.
--------------------------------------------------------------------------------
Update Information:
This release includes improvements and fixes, and updates crossbeam-channel
dependency to address CVE-2025-4574
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 4 2025 Sergio Lopez [slp@redhat.com] - 1.13.0-1
- Update to version 1.13.0
* Tue May 20 2025 Sergio Lopez [slp@redhat.com] - 1.12.2-1
- Update to version 1.12.2
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-4fc3431dab' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: rust-sev-6.1.0-2.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-4fc3431dab
2025-06-14 01:09:53.632877+00:00
--------------------------------------------------------------------------------
Name : rust-sev
Product : Fedora 42
Version : 6.1.0
Release : 2.fc42
URL : https://crates.io/crates/sev
Summary : Library for AMD SEV
Description :
Library for AMD SEV.
--------------------------------------------------------------------------------
Update Information:
This release includes improvements and fixes, and updates crossbeam-channel
dependency to address CVE-2025-4574
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 28 2025 Sergio Lopez [slp@redhat.com] - 6.1.0-2
- Drop vendored feature from openssl dep
* Wed May 28 2025 Sergio Lopez [slp@redhat.com] - 6.1.0-1
- Update to version 6.1.0
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-4fc3431dab' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: python3.12-3.12.11-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-41dc96c19a
2025-06-14 01:09:53.632854+00:00
--------------------------------------------------------------------------------
Name : python3.12
Product : Fedora 42
Version : 3.12.11
Release : 1.fc42
URL : https://www.python.org/
Summary : Version 3.12 of the Python interpreter
Description :
Python 3.12 is an accessible, high-level, dynamically typed, interpreted
programming language, designed with an emphasis on code readability.
It includes an extensive standard library, and has a vast ecosystem of
third-party libraries.
The python3.12 package provides the "python3.12" executable: the reference
interpreter for the Python language, version 3.
The majority of its standard library is provided in the python3.12-libs package,
which should be installed automatically along with python3.12.
The remaining parts of the Python standard library are broken out into the
python3.12-tkinter and python3.12-test packages, which may need to be installed
separately.
Documentation for Python is provided in the python3.12-docs package.
Packages containing additional libraries for Python are generally named with
the "python3.12-" prefix.
--------------------------------------------------------------------------------
Update Information:
Update to 3.12.11.
gh-135034: [CVE 2024-12718] [CVE 2025-4138] [CVE 2025-4330] [CVE 2025-4435] [CVE
2025-4517] Fixes multiple issues that allowed tarfile extraction filters
(filter="data" and filter="tar") to be bypassed using crafted symlinks and hard
links.
gh-133767: Fix use-after-free in the ???unicode-escape??? decoder with a
non-???strict??? error handler.
gh-128840: Short-circuit the processing of long IPv6 addresses early in
ipaddress to prevent excessive memory consumption and a minor denial-of-service.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 4 2025 Tom???? Hrn??iar [thrnciar@redhat.com] - 3.12.11-1
- Update to 3.12.11
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-41dc96c19a' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
[SECURITY] Fedora 42 Update: aerc-0.20.1-3.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-8efa183a30
2025-06-14 01:09:53.632844+00:00
--------------------------------------------------------------------------------
Name : aerc
Product : Fedora 42
Version : 0.20.1
Release : 3.fc42
URL : https://git.sr.ht/~rjarry/aerc
Summary : Email client for your terminal
Description :
Aerc is an email client that runs in your terminal. It is highly
efficient and extensible, perfect for the discerning hacker.
--------------------------------------------------------------------------------
Update Information:
Fix CVE-2025-49466 (fedora#2370376)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 5 2025 Robin Jarry [robin@jarry.cc] - 0.20.1-3
- Fix CVE-2025-49466 (fedora#2370376)
* Wed Apr 16 2025 Michael J Gruber [mjg@fedoraproject.org] - 0.20.1-2
- exclude i686 arch for i686 leaf package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2370376 - CVE-2025-49466 aerc: Aerc Attachment Path Traversal Vulnerability [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2370376
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-8efa183a30' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: python3.11-3.11.13-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-81adcd3389
2025-06-14 01:09:53.632849+00:00
--------------------------------------------------------------------------------
Name : python3.11
Product : Fedora 42
Version : 3.11.13
Release : 1.fc42
URL : https://www.python.org/
Summary : Version 3.11 of the Python interpreter
Description :
Python 3.11 is an accessible, high-level, dynamically typed, interpreted
programming language, designed with an emphasis on code readability.
It includes an extensive standard library, and has a vast ecosystem of
third-party libraries.
The python3.11 package provides the "python3.11" executable: the reference
interpreter for the Python language, version 3.
The majority of its standard library is provided in the python3.11-libs package,
which should be installed automatically along with python3.11.
The remaining parts of the Python standard library are broken out into the
python3.11-tkinter and python3.11-test packages, which may need to be installed
separately.
Documentation for Python is provided in the python3.11-docs package.
Packages containing additional libraries for Python are generally named with
the "python3.11-" prefix.
--------------------------------------------------------------------------------
Update Information:
Update to 3.11.13.
gh-135034: [CVE 2024-12718] [CVE 2025-4138] [CVE 2025-4330] [CVE 2025-4435] [CVE
2025-4517] Fixes multiple issues that allowed tarfile extraction filters
(filter="data" and filter="tar") to be bypassed using crafted symlinks and hard
links.
gh-133767: Fix use-after-free in the ???unicode-escape??? decoder with a
non-???strict??? error handler.
gh-128840: Short-circuit the processing of long IPv6 addresses early in
ipaddress to prevent excessive memory consumption and a minor denial-of-service.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 4 2025 Tom???? Hrn??iar [thrnciar@redhat.com] - 3.11.13-1
- Update to 3.11.13
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-81adcd3389' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
