Salt, Moodle, Kubernetes, Gum for Fedora

Fedora Linux 9012 Published by

Fedora Linux has received a number of security updates, including Salt, Moodle, Kubernetes, and Gum:

Fedora 41 Update: salt-3007.4-4.fc41
Fedora 41 Update: moodle-4.4.9-1.fc41
Fedora 41 Update: kubernetes1.32-1.32.6-1.fc41
Fedora 41 Update: gum-0.16.1-1.fc41
Fedora 42 Update: salt-3007.4-4.fc42
Fedora 42 Update: kubernetes1.32-1.32.6-1.fc42
Fedora 42 Update: moodle-4.5.5-1.fc42
Fedora 42 Update: gum-0.16.1-1.fc42




[SECURITY] Fedora 41 Update: salt-3007.4-4.fc41


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-31a7eefb8f
2025-06-29 01:22:44.380219+00:00
--------------------------------------------------------------------------------

Name : salt
Product : Fedora 41
Version : 3007.4
Release : 4.fc41
URL : https://saltproject.io/
Summary : A parallel remote execution system
Description :
Salt is a distributed remote execution system used to execute commands and
query data. It was developed in order to bring the best solutions found in
the world of remote execution together and make them better, faster and more
malleable. Salt accomplishes this via its ability to handle larger loads of
information, and not just dozens, but hundreds or even thousands of individual
servers, handle them quickly and through a simple and manageable interface.

--------------------------------------------------------------------------------
Update Information:

Resolves CVE-2024-38824 RHBZ#2372731
Resolves CVE-2024-38824 RHBZ#2372733
Resolves CVE-2025-22239 RHBZ#2372732
Resolves CVE-2025-22239 RHBZ#2372734
Resolves CVE-2025-22236 RHBZ#2372774
Resolves CVE-2025-22236 RHBZ#2372776
Resolves CVE-2025-22242 RHBZ#2372741
Resolves CVE-2025-22242 RHBZ#2372745
Resolves CVE-2025-22240 RHBZ#2372746
Resolves CVE-2025-22241 RHBZ#2372748
Resolves CVE-2025-22240 RHBZ#2372752
Resolves CVE-2025-22241 RHBZ#2372753
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jun 19 2025 Robby Callicotte [rcallicotte@fedoraproject.org] - 3007.4-4
- Combined rpmvercmp and contextvars patches
* Thu Jun 19 2025 Robby Callicotte [rcallicotte@fedoraproject.org] - 3007.4-3
- Updated contextvars patch
* Thu Jun 19 2025 Robby Callicotte [rcallicotte@fedoraproject.org] - 3007.4-2
- Updated sources
* Thu Jun 19 2025 Robby Callicotte [rcallicotte@fedoraproject.org] - 3007.4-1
- Update to 3007.4 RHBZ#2366381 - Resolves CVE-2024-38824 RHBZ#2372731 -
Resolves CVE-2024-38824 RHBZ#2372733 - Resolves CVE-2025-22239
RHBZ#2372732 - Resolves CVE-2025-22239 RHBZ#2372734 - Resolves
CVE-2025-22236 RHBZ#2372774 - Resolves CVE-2025-22236 RHBZ#2372776 -
Resolves CVE-2025-22242 RHBZ#2372741 - Resolves CVE-2025-22242
RHBZ#2372745 - Resolves CVE-2025-22240 RHBZ#2372746 - Resolves
CVE-2025-22241 RHBZ#2372748 - Resolves CVE-2025-22240 RHBZ#2372752 -
Resolves CVE-2025-22241 RHBZ#2372753
* Mon Jun 2 2025 Python Maint - 3007.2-3
- Rebuilt for Python 3.14
* Fri May 30 2025 Robby Callicotte [rcallicotte@fedoraproject.org] - 3007.2-2
- Updated to 3007.2
* Fri May 30 2025 Robby Callicotte [rcallicotte@fedoraproject.org] - 3007.2-1
- Updated to 3007.2
* Tue Feb 11 2025 Zbigniew J??drzejewski-Szmek [zbyszek@in.waw.pl] - 3007.1-3
- Drop call to %sysusers_create_compat
* Sun Jan 19 2025 Fedora Release Engineering [releng@fedoraproject.org] - 3007.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2372747 - CVE-2024-38823 salt: Replay attack in saltstack [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2372747
[ 2 ] Bug #2372751 - CVE-2024-38823 salt: Replay attack in saltstack [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2372751
[ 3 ] Bug #2372755 - CVE-2024-38825 salt: Authentication bypass in saltstack [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2372755
[ 4 ] Bug #2372756 - CVE-2024-38822 salt: Token validation errors in saltstack [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2372756
[ 5 ] Bug #2372757 - CVE-2024-38825 salt: Authentication bypass in saltstack [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2372757
[ 6 ] Bug #2372758 - CVE-2024-38822 salt: Token validation errors in saltstack [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2372758
[ 7 ] Bug #2372772 - CVE-2025-22238 salt: Directory traversal in salt project [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2372772
[ 8 ] Bug #2372773 - CVE-2025-22237 salt: Code injection in salt project [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2372773
[ 9 ] Bug #2372775 - CVE-2025-22237 salt: Code injection in salt project [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2372775
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-31a7eefb8f' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------



[SECURITY] Fedora 41 Update: moodle-4.4.9-1.fc41


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-622bed7e7a
2025-06-29 01:22:44.380196+00:00
--------------------------------------------------------------------------------

Name : moodle
Product : Fedora 41
Version : 4.4.9
Release : 1.fc41
URL : https://moodle.org/
Summary : A Course Management System
Description :
Moodle is a course management system (CMS) - a free, Open Source software
package designed using sound pedagogical principles, to help educators create
effective online learning communities.

--------------------------------------------------------------------------------
Update Information:

4.4.9
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jun 19 2025 Gwyn Ciesla [gwync@protonmail.com] - 4.4.9-1
- 4.4.9
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2373851 - CVE-2025-49518 moodle: IDOR allows fetching of recently accessed courses for other users via web service [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2373851
[ 2 ] Bug #2373855 - CVE-2025-49513 moodle: Password can be revealed in login page after log out due to caching [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2373855
[ 3 ] Bug #2373857 - CVE-2025-49514 moodle: SSRF risk via DNS rebind [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2373857
[ 4 ] Bug #2373858 - CVE-2025-49515 moodle: Course visibility not honoured consistently [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2373858
[ 5 ] Bug #2373860 - CVE-2025-49516 moodle: CSRF risk in badges backpack management [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2373860
[ 6 ] Bug #2373863 - CVE-2025-49517 moodle: Missing authorisation checks in BigBlueButton view page [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2373863
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-622bed7e7a' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 41 Update: kubernetes1.32-1.32.6-1.fc41


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-509fc3c663
2025-06-29 01:22:44.380201+00:00
--------------------------------------------------------------------------------

Name : kubernetes1.32
Product : Fedora 41
Version : 1.32.6
Release : 1.fc41
URL : https://github.com/kubernetes/kubernetes
Summary : Open Source Production-Grade Container Scheduling And Management Platform
Description :

Production-Grade Container Scheduling and Management.
Installs kubelet, the kubernetes agent on each machine in a
cluster. The kubernetes-client sub-package,
containing kubectl, is recommended but not strictly required.
The kubernetes-client sub-package should be installed on
control plane machines.

--------------------------------------------------------------------------------
Update Information:

Update to release v1.32.6
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jun 19 2025 Bradley G Smith [bradley.g.smith@gmail.com] - 1.32.6-1
- Update to release v1.32.6
- Resolves: rhbz#2373848,rhbz#2373847
- Resolves: CVE-2025-4563
- Upstream fixes and cleanups
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2373847 - CVE-2025-4563 kubernetes1.32: NodeRestriction Admission Controller Dynamic Resource Allocation Bypass [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2373847
[ 2 ] Bug #2373848 - CVE-2025-4563 kubernetes1.32: NodeRestriction Admission Controller Dynamic Resource Allocation Bypass [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2373848
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-509fc3c663' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 41 Update: gum-0.16.1-1.fc41


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-f8047140f4
2025-06-29 01:22:44.380080+00:00
--------------------------------------------------------------------------------

Name : gum
Product : Fedora 41
Version : 0.16.1
Release : 1.fc41
URL : https://github.com/charmbracelet/gum
Summary : Tool for glamorous shell scripts
Description :
A tool for glamorous shell scripts. Leverage the power of Bubbles and Lip Gloss
in your scripts and aliases without writing any Go code!

--------------------------------------------------------------------------------
Update Information:

Update to version 0.16.1 for various bugfixes. This also fixes CVE-2025-22872 in
the bundled golang.org/x/net/html.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jun 18 2025 Carl George [carlwgeorge@fedoraproject.org] - 0.16.1-1
- Update to version 0.16.1 rhbz#2369461
* Fri Apr 18 2025 Carl George [carlwgeorge@fedoraproject.org] - 0.16.0-1
- Update to version 0.16.0 rhbz#2351450
* Tue Feb 11 2025 Carl George [carlwgeorge@fedoraproject.org] - 0.15.2-1
- Update to version 0.15.2 rhbz#2337426
* Fri Jan 17 2025 Fedora Release Engineering [releng@fedoraproject.org] - 0.14.5-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2360604 - CVE-2025-22872 gum: Incorrect Neutralization of Input During Web Page Generation in x/net in golang.org/x/net [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2360604
[ 2 ] Bug #2369461 - gum-0.16.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2369461
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-f8047140f4' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 42 Update: salt-3007.4-4.fc42


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-a5d73a0399
2025-06-29 01:03:14.526449+00:00
--------------------------------------------------------------------------------

Name : salt
Product : Fedora 42
Version : 3007.4
Release : 4.fc42
URL : https://saltproject.io/
Summary : A parallel remote execution system
Description :
Salt is a distributed remote execution system used to execute commands and
query data. It was developed in order to bring the best solutions found in
the world of remote execution together and make them better, faster and more
malleable. Salt accomplishes this via its ability to handle larger loads of
information, and not just dozens, but hundreds or even thousands of individual
servers, handle them quickly and through a simple and manageable interface.

--------------------------------------------------------------------------------
Update Information:

Resolves CVE-2024-38824 RHBZ#2372731
Resolves CVE-2024-38824 RHBZ#2372733
Resolves CVE-2025-22239 RHBZ#2372732
Resolves CVE-2025-22239 RHBZ#2372734
Resolves CVE-2025-22236 RHBZ#2372774
Resolves CVE-2025-22236 RHBZ#2372776
Resolves CVE-2025-22242 RHBZ#2372741
Resolves CVE-2025-22242 RHBZ#2372745
Resolves CVE-2025-22240 RHBZ#2372746
Resolves CVE-2025-22241 RHBZ#2372748
Resolves CVE-2025-22240 RHBZ#2372752
Resolves CVE-2025-22241 RHBZ#2372753
Resolves RHBZ#2366381
Resolves CVE-2024-38824 RHBZ#2372731
Resolves CVE-2024-38824 RHBZ#2372733
Resolves CVE-2025-22239 RHBZ#2372732
Resolves CVE-2025-22239 RHBZ#2372734
Resolves CVE-2025-22236 RHBZ#2372774
Resolves CVE-2025-22236 RHBZ#2372776
Resolves CVE-2025-22242 RHBZ#2372741
Resolves CVE-2025-22242 RHBZ#2372745
Resolves CVE-2025-22240 RHBZ#2372746
Resolves CVE-2025-22241 RHBZ#2372748
Resolves CVE-2025-22240 RHBZ#2372752
Resolves CVE-2025-22241 RHBZ#2372753
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jun 19 2025 Robby Callicotte [rcallicotte@fedoraproject.org] - 3007.4-4
- Combined rpmvercmp and contextvars patches
* Thu Jun 19 2025 Robby Callicotte [rcallicotte@fedoraproject.org] - 3007.4-3
- Updated contextvars patch
* Thu Jun 19 2025 Robby Callicotte [rcallicotte@fedoraproject.org] - 3007.4-2
- Updated sources
* Thu Jun 19 2025 Robby Callicotte [rcallicotte@fedoraproject.org] - 3007.4-1
- Update to 3007.4 RHBZ#2366381 - Resolves CVE-2024-38824 RHBZ#2372731 -
Resolves CVE-2024-38824 RHBZ#2372733 - Resolves CVE-2025-22239
RHBZ#2372732 - Resolves CVE-2025-22239 RHBZ#2372734 - Resolves
CVE-2025-22236 RHBZ#2372774 - Resolves CVE-2025-22236 RHBZ#2372776 -
Resolves CVE-2025-22242 RHBZ#2372741 - Resolves CVE-2025-22242
RHBZ#2372745 - Resolves CVE-2025-22240 RHBZ#2372746 - Resolves
CVE-2025-22241 RHBZ#2372748 - Resolves CVE-2025-22240 RHBZ#2372752 -
Resolves CVE-2025-22241 RHBZ#2372753
* Mon Jun 2 2025 Python Maint - 3007.2-3
- Rebuilt for Python 3.14
* Fri May 30 2025 Robby Callicotte [rcallicotte@fedoraproject.org] - 3007.2-2
- Updated to 3007.2
* Fri May 30 2025 Robby Callicotte [rcallicotte@fedoraproject.org] - 3007.2-1
- Updated to 3007.2
* Tue Feb 11 2025 Zbigniew J??drzejewski-Szmek [zbyszek@in.waw.pl] - 3007.1-3
- Drop call to %sysusers_create_compat
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2372747 - CVE-2024-38823 salt: Replay attack in saltstack [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2372747
[ 2 ] Bug #2372751 - CVE-2024-38823 salt: Replay attack in saltstack [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2372751
[ 3 ] Bug #2372755 - CVE-2024-38825 salt: Authentication bypass in saltstack [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2372755
[ 4 ] Bug #2372756 - CVE-2024-38822 salt: Token validation errors in saltstack [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2372756
[ 5 ] Bug #2372757 - CVE-2024-38825 salt: Authentication bypass in saltstack [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2372757
[ 6 ] Bug #2372758 - CVE-2024-38822 salt: Token validation errors in saltstack [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2372758
[ 7 ] Bug #2372772 - CVE-2025-22238 salt: Directory traversal in salt project [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2372772
[ 8 ] Bug #2372773 - CVE-2025-22237 salt: Code injection in salt project [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2372773
[ 9 ] Bug #2372775 - CVE-2025-22237 salt: Code injection in salt project [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2372775
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-a5d73a0399' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------



[SECURITY] Fedora 42 Update: kubernetes1.32-1.32.6-1.fc42


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-b8463b0972
2025-06-29 01:03:14.526432+00:00
--------------------------------------------------------------------------------

Name : kubernetes1.32
Product : Fedora 42
Version : 1.32.6
Release : 1.fc42
URL : https://github.com/kubernetes/kubernetes
Summary : Open Source Production-Grade Container Scheduling And Management Platform
Description :

Production-Grade Container Scheduling and Management.
Installs kubelet, the kubernetes agent on each machine in a
cluster. The kubernetes-client sub-package,
containing kubectl, is recommended but not strictly required.
The kubernetes-client sub-package should be installed on
control plane machines.

--------------------------------------------------------------------------------
Update Information:

Update to release v1.32.6
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jun 19 2025 Bradley G Smith [bradley.g.smith@gmail.com] - 1.32.6-1
- Update to release v1.32.6
- Resolves: rhbz#2373848,rhbz#2373847
- Resolves: CVE-2025-4563
- Upstream fixes and cleanups
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2373847 - CVE-2025-4563 kubernetes1.32: NodeRestriction Admission Controller Dynamic Resource Allocation Bypass [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2373847
[ 2 ] Bug #2373848 - CVE-2025-4563 kubernetes1.32: NodeRestriction Admission Controller Dynamic Resource Allocation Bypass [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2373848
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-b8463b0972' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 42 Update: moodle-4.5.5-1.fc42


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-83ab16425f
2025-06-29 01:03:14.526427+00:00
--------------------------------------------------------------------------------

Name : moodle
Product : Fedora 42
Version : 4.5.5
Release : 1.fc42
URL : https://moodle.org/
Summary : A Course Management System
Description :
Moodle is a course management system (CMS) - a free, Open Source software
package designed using sound pedagogical principles, to help educators create
effective online learning communities.

--------------------------------------------------------------------------------
Update Information:

4.5.5
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jun 19 2025 Gwyn Ciesla [gwync@protonmail.com] - 4.5.5-1
- 4.5.5
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2373852 - CVE-2025-49518 moodle: IDOR allows fetching of recently accessed courses for other users via web service [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2373852
[ 2 ] Bug #2373856 - CVE-2025-49513 moodle: Password can be revealed in login page after log out due to caching [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2373856
[ 3 ] Bug #2373859 - CVE-2025-49514 moodle: SSRF risk via DNS rebind [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2373859
[ 4 ] Bug #2373861 - CVE-2025-49515 moodle: Course visibility not honoured consistently [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2373861
[ 5 ] Bug #2373862 - CVE-2025-49516 moodle: CSRF risk in badges backpack management [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2373862
[ 6 ] Bug #2373864 - CVE-2025-49517 moodle: Missing authorisation checks in BigBlueButton view page [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2373864
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-83ab16425f' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 42 Update: gum-0.16.1-1.fc42


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-ddcd03b103
2025-06-29 01:03:14.526274+00:00
--------------------------------------------------------------------------------

Name : gum
Product : Fedora 42
Version : 0.16.1
Release : 1.fc42
URL : https://github.com/charmbracelet/gum
Summary : Tool for glamorous shell scripts
Description :
A tool for glamorous shell scripts. Leverage the power of Bubbles and Lip Gloss
in your scripts and aliases without writing any Go code!

--------------------------------------------------------------------------------
Update Information:

Update to version 0.16.1 for various bugfixes. This also fixes CVE-2025-22872 in
the bundled golang.org/x/net/html.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jun 18 2025 Carl George [carlwgeorge@fedoraproject.org] - 0.16.1-1
- Update to version 0.16.1 rhbz#2369461
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2369461 - gum-0.16.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2369461
[ 2 ] Bug #2373772 - CVE-2025-22872 gum: Incorrect Neutralization of Input During Web Page Generation in x/net in golang.org/x/net [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2373772
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-ddcd03b103' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--


LACT 0.8.0 released

Nagvis security update for Debian 11

Windows

Linux

macOS

Community

  • Artsyl
    π˜–π˜―π˜΅π˜’π˜³π˜ͺ𝘰, 𝘊𝘒𝘯𝘒π˜₯𝘒 β€” π˜‘π˜Άπ˜―π˜¦ 18, 2025 β€” π—”π—Ώπ˜π˜€π˜†π—Ή π—§π—²π—°π—΅π—»π—Όπ—Ήπ—Όπ—΄π—Άπ—²π˜€, I ...
  • Artsyl
    May 28, 2025 – Ontario, Canada β€” Artsyl Technologies, a ...
  • Artsyl
    Artsyl Technologies has announced the latest version of ...