Fedora 41 Update: rust-slab-0.4.11-1.fc41
Fedora 41 Update: matrix-synapse-1.136.0-1.fc41
Fedora 41 Update: webkitgtk-2.48.5-1.fc41
Fedora 41 Update: socat-1.8.0.3-1.fc41
Fedora 42 Update: rust-slab-0.4.11-1.fc42
Fedora 42 Update: socat-1.8.0.3-1.fc42
[SECURITY] Fedora 41 Update: rust-slab-0.4.11-1.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-92719fd556
2025-08-22 02:11:10.530874+00:00
--------------------------------------------------------------------------------
Name : rust-slab
Product : Fedora 41
Version : 0.4.11
Release : 1.fc41
URL : https://crates.io/crates/slab
Summary : Pre-allocated storage for a uniform data type
Description :
Pre-allocated storage for a uniform data type.
--------------------------------------------------------------------------------
Update Information:
Update to version 0.4.11.
This version includes a fix for CVE-2025-55159, but there are zero packages in
Fedora or EPEL that use the affected API, so no rebuilds are necessary.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Aug 13 2025 Benjamin A. Beasley [code@musicinmybrain.net] - 0.4.11-1
- Update to version 0.4.11; Fixes RHBZ#2387215; Fixes CVE-2025-55159
* Fri Jul 25 2025 Fedora Release Engineering [releng@fedoraproject.org] - 0.4.10-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-92719fd556' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 41 Update: matrix-synapse-1.136.0-1.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-a257fc1a8f
2025-08-22 02:11:10.530859+00:00
--------------------------------------------------------------------------------
Name : matrix-synapse
Product : Fedora 41
Version : 1.136.0
Release : 1.fc41
URL : https://github.com/element-hq/synapse
Summary : A Matrix reference homeserver written in Python using Twisted
Description :
Matrix is an ambitious new ecosystem for open federated Instant Messaging and
VoIP. Synapse is a reference "homeserver" implementation of Matrix from the
core development team at matrix.org, written in Python/Twisted. It is intended
to showcase the concept of Matrix and let folks see the spec in the context of
a coded base and let you run your own homeserver and generally help bootstrap
the ecosystem.
--------------------------------------------------------------------------------
Update Information:
Update to v1.136.0
Update to 1.135.2
Update to 1.135.0
--------------------------------------------------------------------------------
ChangeLog:
* Tue Aug 12 2025 Kai A. Hiller [V02460@gmail.com] - 1.136.0-1
- Update to v1.136.0
* Tue Aug 12 2025 Kai A. Hiller [V02460@gmail.com] - 1.135.2-3
- RPMAUTOSPEC: unresolvable merge
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2325848 - matrix-synapse-1.136.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2325848
[ 2 ] Bug #2381414 - Private bug
https://bugzilla.redhat.com/show_bug.cgi?id=2381414
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-a257fc1a8f' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 41 Update: webkitgtk-2.48.5-1.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-9b8165a4b3
2025-08-22 02:11:10.530849+00:00
--------------------------------------------------------------------------------
Name : webkitgtk
Product : Fedora 41
Version : 2.48.5
Release : 1.fc41
URL : https://www.webkitgtk.org/
Summary : GTK web content engine library
Description :
WebKitGTK is the port of the WebKit web rendering engine to the
GTK platform.
--------------------------------------------------------------------------------
Update Information:
Update to 2.48.5. Changes since 2.48.3:
Improve emoji font selection.
Improve playback of multimedia streams from blob URLs.
Fix crash when using a WebKitWebView widget in an offscreen window.
Fix several crashes and rendering issues.
CVE-2025-31273, CVE-2025-31278, CVE-2025-43211, CVE-2025-43212, CVE-2025-43216,
CVE-2025-43227, CVE-2025-43240, CVE-2025-43265, CVE-2025-6558
--------------------------------------------------------------------------------
ChangeLog:
* Tue Aug 5 2025 Michael Catanzaro [mcatanzaro@redhat.com] - 2.48.5-1
- Update to 2.48.5
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2386383 - CVE-2025-43265 webkitgtk: Processing maliciously crafted web content may disclose internal states of the app [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2386383
[ 2 ] Bug #2386384 - CVE-2025-43227 webkitgtk: Processing maliciously crafted web content may disclose sensitive user information [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2386384
[ 3 ] Bug #2386387 - CVE-2025-43216 webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2386387
[ 4 ] Bug #2386390 - CVE-2025-43212 webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2386390
[ 5 ] Bug #2386397 - CVE-2025-43211 webkitgtk: Processing web content may lead to a denial-of-service [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2386397
[ 6 ] Bug #2386406 - CVE-2025-31278 webkitgtk: Processing maliciously crafted web content may lead to memory corruption [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2386406
[ 7 ] Bug #2386409 - CVE-2025-31273 webkitgtk: Processing maliciously crafted web content may lead to memory corruption [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2386409
[ 8 ] Bug #2386415 - CVE-2025-43240 webkitgtk: A download???s origin may be incorrectly associated [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2386415
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-9b8165a4b3' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
[SECURITY] Fedora 41 Update: socat-1.8.0.3-1.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-4f0d6d3522
2025-08-22 02:11:10.530841+00:00
--------------------------------------------------------------------------------
Name : socat
Product : Fedora 41
Version : 1.8.0.3
Release : 1.fc41
URL : http://www.dest-unreach.org/socat/
Summary : Bidirectional data relay between two data channels ('netcat++')
Description :
Socat is a relay for bidirectional data transfer between two independent data
channels. Each of these data channels may be a file, pipe, device (serial line
etc. or a pseudo terminal), a socket (UNIX, IP4, IP6 - raw, UDP, TCP), an
SSL socket, proxy CONNECT connection, a file descriptor (stdin etc.), the GNU
line editor (readline), a program, or a combination of two of these.
--------------------------------------------------------------------------------
Update Information:
Update to 1.8.0.3 (rhbz#2307725)
Resolves: CVE-2024-54661 (rhbz#2330520)
Resolves: non-working ipv6-join-group option (rhbz#2352860)
Resolves: FTBFS in Fedora (rhbz#2385633)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Aug 6 2025 Martin Osvald [mosvald@redhat.com] - 1.8.0.3-1
- Update to 1.8.0.3 (rhbz#2307725)
- Resolves: CVE-2024-54661 (rhbz#2330520)
- Resolves: non-working ipv6-join-group option (rhbz#2352860)
- Resolves: FTBFS in Fedora (rhbz#2385633)
* Fri Jul 25 2025 Fedora Release Engineering [releng@fedoraproject.org] - 1.8.0.0-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Sun Jan 19 2025 Fedora Release Engineering [releng@fedoraproject.org] - 1.8.0.0-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2307725 - socat-1.8.0.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2307725
[ 2 ] Bug #2330520 - CVE-2024-54661 socat: From CVEorg collector [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2330520
[ 3 ] Bug #2352860 - socat 1.8.0.0 Fedora 41/42 ipv6-join-group does nothing
https://bugzilla.redhat.com/show_bug.cgi?id=2352860
[ 4 ] Bug #2385633 - socat: FTBFS in Fedora rawhide/f43
https://bugzilla.redhat.com/show_bug.cgi?id=2385633
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-4f0d6d3522' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: rust-slab-0.4.11-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-1e9ad724f8
2025-08-22 02:08:21.664139+00:00
--------------------------------------------------------------------------------
Name : rust-slab
Product : Fedora 42
Version : 0.4.11
Release : 1.fc42
URL : https://crates.io/crates/slab
Summary : Pre-allocated storage for a uniform data type
Description :
Pre-allocated storage for a uniform data type.
--------------------------------------------------------------------------------
Update Information:
Update to version 0.4.11.
This version includes a fix for CVE-2025-55159, but there are zero packages in
Fedora or EPEL that use the affected API, so no rebuilds are necessary.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Aug 13 2025 Benjamin A. Beasley [code@musicinmybrain.net] - 0.4.11-1
- Update to version 0.4.11; Fixes RHBZ#2387215; Fixes CVE-2025-55159
* Fri Jul 25 2025 Fedora Release Engineering [releng@fedoraproject.org] - 0.4.10-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-1e9ad724f8' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: socat-1.8.0.3-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-33885cfff8
2025-08-22 02:08:21.664091+00:00
--------------------------------------------------------------------------------
Name : socat
Product : Fedora 42
Version : 1.8.0.3
Release : 1.fc42
URL : http://www.dest-unreach.org/socat/
Summary : Bidirectional data relay between two data channels ('netcat++')
Description :
Socat is a relay for bidirectional data transfer between two independent data
channels. Each of these data channels may be a file, pipe, device (serial line
etc. or a pseudo terminal), a socket (UNIX, IP4, IP6 - raw, UDP, TCP), an
SSL socket, proxy CONNECT connection, a file descriptor (stdin etc.), the GNU
line editor (readline), a program, or a combination of two of these.
--------------------------------------------------------------------------------
Update Information:
Update to 1.8.0.3 (rhbz#2307725)
Resolves: CVE-2024-54661 (rhbz#2330520)
Resolves: non-working ipv6-join-group option (rhbz#2352860)
Resolves: FTBFS in Fedora (rhbz#2385633)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Aug 6 2025 Martin Osvald [mosvald@redhat.com] - 1.8.0.3-1
- Update to 1.8.0.3 (rhbz#2307725)
- Resolves: CVE-2024-54661 (rhbz#2330520)
- Resolves: non-working ipv6-join-group option (rhbz#2352860)
- Resolves: FTBFS in Fedora (rhbz#2385633)
* Fri Jul 25 2025 Fedora Release Engineering [releng@fedoraproject.org] - 1.8.0.0-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2307725 - socat-1.8.0.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2307725
[ 2 ] Bug #2330520 - CVE-2024-54661 socat: From CVEorg collector [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2330520
[ 3 ] Bug #2352860 - socat 1.8.0.0 Fedora 41/42 ipv6-join-group does nothing
https://bugzilla.redhat.com/show_bug.cgi?id=2352860
[ 4 ] Bug #2385633 - socat: FTBFS in Fedora rawhide/f43
https://bugzilla.redhat.com/show_bug.cgi?id=2385633
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-33885cfff8' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
