Fedora 43 Update: seamonkey-2.53.22-1.fc43
Fedora 43 Update: docker-buildkit-0.25.2-1.fc43
Fedora 43 Update: runc-1.3.3-1.fc43
Fedora 43 Update: gh-2.83.0-1.fc43
Fedora 41 Update: seamonkey-2.53.22-1.fc41
Fedora 41 Update: lasso-2.9.0-1.fc41
Fedora 41 Update: docker-buildkit-0.25.2-1.fc41
Fedora 41 Update: runc-1.3.3-1.fc41
Fedora 42 Update: firefox-145.0-2.fc42
Fedora 42 Update: seamonkey-2.53.22-1.fc42
Fedora 42 Update: lasso-2.9.0-1.fc42
Fedora 42 Update: docker-buildkit-0.25.2-1.fc42
Fedora 42 Update: runc-1.3.3-1.fc42
Fedora 42 Update: gitleaks-8.29.0-1.fc42
[SECURITY] Fedora 43 Update: seamonkey-2.53.22-1.fc43
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-5f24a0c1ba
2025-11-14 01:25:41.063367+00:00
--------------------------------------------------------------------------------
Name : seamonkey
Product : Fedora 43
Version : 2.53.22
Release : 1.fc43
URL : http://www.seamonkey-project.org
Summary : Web browser, e-mail, news, IRC client, HTML editor
Description :
SeaMonkey is an all-in-one Internet application suite (previously made
popular by Netscape and Mozilla). It includes an Internet browser,
advanced e-mail, newsgroup and feed client, a calendar, IRC client,
HTML editor and a tool to inspect the DOM for web pages. It is derived
from the application formerly known as Mozilla Application Suite.
--------------------------------------------------------------------------------
Update Information:
Update to 2.53.22
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 5 2025 Dmitry Butskoy [Dmitry@Butskoy.name] 2.53.22-1
- update to 2.53.22
* Wed Aug 20 2025 Dominik Mierzejewski [dominik@greysector.net] - 2.53.21-3
- Drop unused yasm build dependency
See: https://fedoraproject.org/wiki/Changes/DeprecateYASM
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-5f24a0c1ba' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 43 Update: docker-buildkit-0.25.2-1.fc43
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-d1dade0612
2025-11-14 01:25:41.063360+00:00
--------------------------------------------------------------------------------
Name : docker-buildkit
Product : Fedora 43
Version : 0.25.2
Release : 1.fc43
URL : https://github.com/moby/buildkit
Summary : Concurrent, cache-efficient, and Dockerfile-agnostic builder toolkit
Description :
Concurrent, cache-efficient, and Dockerfile-agnostic builder toolkit.
--------------------------------------------------------------------------------
Update Information:
Update to v0.25.2
CVE-2025-58183; Resolves: rhbz#2412529
CVE-2025-58188; Resolves: rhbz#2412380, rhbz#2411476, rhbz#2410945
CVE-2025-58185; Resolves: rhbz#2410578, rhbz#2410299, rhbz#2410013
CVE-2025-61723; Resolves: rhbz#2409627, rhbz#2409349, rhbz#2409065
CVE-2025-58189; Resolves: rhbz#2408157, rhbz#2407880, rhbz#2407612
Upstream updates
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 5 2025 Bradley G Smith [bradley.g.smith@gmail.com] - 0.25.2-1
- Update to v0.25.2
- CVE-2025-58183; Resolves: rhbz#2412529
- CVE-2025-58188; Resolves: rhbz#2412380, rhbz#2411476, rhbz#2410945
- CVE-2025-58185; Resolves: rhbz#2410578, rhbz#2410299, rhbz#2410013
- CVE-2025-61723; Resolves: rhbz#2409627, rhbz#2409349, rhbz#2409065
- CVE-2025-58189; Resolves: rhbz#2408157, rhbz#2407880, rhbz#2407612
- Upstream updates
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2407612 - CVE-2025-58189 docker-buildkit: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2407612
[ 2 ] Bug #2407880 - CVE-2025-58189 docker-buildkit: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2407880
[ 3 ] Bug #2408157 - CVE-2025-58189 docker-buildkit: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408157
[ 4 ] Bug #2409065 - CVE-2025-61723 docker-buildkit: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2409065
[ 5 ] Bug #2409349 - CVE-2025-61723 docker-buildkit: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2409349
[ 6 ] Bug #2409627 - CVE-2025-61723 docker-buildkit: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2409627
[ 7 ] Bug #2410013 - CVE-2025-58185 docker-buildkit: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2410013
[ 8 ] Bug #2410299 - CVE-2025-58185 docker-buildkit: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2410299
[ 9 ] Bug #2410578 - CVE-2025-58185 docker-buildkit: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2410578
[ 10 ] Bug #2410945 - CVE-2025-58188 docker-buildkit: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2410945
[ 11 ] Bug #2411476 - CVE-2025-58188 docker-buildkit: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2411476
[ 12 ] Bug #2412380 - CVE-2025-58188 docker-buildkit: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2412380
[ 13 ] Bug #2412529 - CVE-2025-58183 docker-buildkit: Unbounded allocation when parsing GNU sparse map [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2412529
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-d1dade0612' at the command
line.
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 43 Update: runc-1.3.3-1.fc43
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-ebd4913540
2025-11-14 01:25:41.063350+00:00
--------------------------------------------------------------------------------
Name : runc
Product : Fedora 43
Version : 1.3.3
Release : 1.fc43
URL : https://github.com/opencontainers/runc
Summary : CLI for running Open Containers
Description :
The runc command can be used to start containers which are packaged
in accordance with the Open Container Initiative's specifications,
and to manage containers running under runc.
--------------------------------------------------------------------------------
Update Information:
Update to release v1.3.3
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 5 2025 Bradley G Smith [bradley.g.smith@gmail.com] - 2:1.3.3-1
- Update to release v1.3.3
- Resolves: rhbz#2411664, rhbz#2411410, rhbz#2411148
- Resolves: rhbz#2410768, rhbz#2410512, rhbz#2410233
- Resolves: rhbz#2409818, rhbz#2409561, rhbz#2409284
- Resolves: rhbz#2408345, rhbz#2408091, rhbz#2407818
- Security. Fixes CVE-2025-31133, CVE-2025-52565, CVE-2025-52881
- Upstream new feature
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2407818 - CVE-2025-58189 runc: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2407818
[ 2 ] Bug #2408091 - CVE-2025-58189 runc: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2408091
[ 3 ] Bug #2408345 - CVE-2025-58189 runc: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408345
[ 4 ] Bug #2409284 - CVE-2025-61723 runc: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2409284
[ 5 ] Bug #2409561 - CVE-2025-61723 runc: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2409561
[ 6 ] Bug #2409818 - CVE-2025-61723 runc: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2409818
[ 7 ] Bug #2411148 - CVE-2025-58188 runc: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2411148
[ 8 ] Bug #2411410 - CVE-2025-58188 runc: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2411410
[ 9 ] Bug #2411664 - CVE-2025-58188 runc: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2411664
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-ebd4913540' at the command
line.
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 43 Update: gh-2.83.0-1.fc43
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-6981d97f47
2025-11-14 01:25:41.063322+00:00
--------------------------------------------------------------------------------
Name : gh
Product : Fedora 43
Version : 2.83.0
Release : 1.fc43
URL : https://github.com/cli/cli
Summary : GitHub's official command line tool
Description :
A command-line interface to GitHub for use in your terminal or your scripts.
gh is a tool designed to enhance your workflow when working with GitHub. It
provides a seamless way to interact with GitHub repositories and perform various
actions right from the command line, eliminating the need to switch between your
terminal and the GitHub website.
--------------------------------------------------------------------------------
Update Information:
Update to 2.83.0
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 4 2025 Packit [hello@packit.dev] - 2.83.0-1
- Update to 2.83.0 upstream release
- Resolves: rhbz#2397664
* Fri Oct 10 2025 Alejandro Sáez [asm@redhat.com] - 2.79.0-2
- rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2408169 - CVE-2025-58189 gh: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408169
[ 2 ] Bug #2408706 - CVE-2025-61725 gh: Excessive CPU consumption in ParseAddress in net/mail [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408706
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-6981d97f47' at the command
line.
--------------------------------------------------------------------------------
[SECURITY] Fedora 41 Update: seamonkey-2.53.22-1.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-e49d776723
2025-11-14 01:07:42.820586+00:00
--------------------------------------------------------------------------------
Name : seamonkey
Product : Fedora 41
Version : 2.53.22
Release : 1.fc41
URL : http://www.seamonkey-project.org
Summary : Web browser, e-mail, news, IRC client, HTML editor
Description :
SeaMonkey is an all-in-one Internet application suite (previously made
popular by Netscape and Mozilla). It includes an Internet browser,
advanced e-mail, newsgroup and feed client, a calendar, IRC client,
HTML editor and a tool to inspect the DOM for web pages. It is derived
from the application formerly known as Mozilla Application Suite.
--------------------------------------------------------------------------------
Update Information:
Update to 2.53.22
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 5 2025 Dmitry Butskoy [Dmitry@Butskoy.name] 2.53.22-1
- update to 2.53.22
* Wed Aug 20 2025 Dominik Mierzejewski [dominik@greysector.net] - 2.53.21-3
- Drop unused yasm build dependency
See: https://fedoraproject.org/wiki/Changes/DeprecateYASM
* Fri Jul 25 2025 Fedora Release Engineering [releng@fedoraproject.org] - 2.53.21-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-e49d776723' at the command
line.
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 41 Update: lasso-2.9.0-1.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-7e6204e34e
2025-11-14 01:07:42.820588+00:00
--------------------------------------------------------------------------------
Name : lasso
Product : Fedora 41
Version : 2.9.0
Release : 1.fc41
URL : https://lasso.entrouvert.org/
Summary : Liberty Alliance Single Sign On
Description :
Lasso is a library that implements the Liberty Alliance Single Sign On
standards, including the SAML and SAML2 specifications. It allows handling
the whole life-cycle of SAML based Federations, and provides bindings
for multiple languages.
--------------------------------------------------------------------------------
Update Information:
Update to 2.9.0
Fixes CVE-2025-46705
--------------------------------------------------------------------------------
ChangeLog:
* Tue Aug 19 2025 Xavier Bachelot [xavier@bachelot.org] - 2.9.0-1
- Update to 2.9.0 (RHBZ#2387825)
* Fri Aug 15 2025 Python Maint - 2.8.2-21
- Rebuilt for Python 3.14.0rc2 bytecode
* Thu Jul 24 2025 Fedora Release Engineering [releng@fedoraproject.org] - 2.8.2-20
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Mon Jul 7 2025 Jitka Plesnikova [jplesnik@redhat.com] - 2.8.2-19
- Perl 5.42 rebuild
* Mon Jun 2 2025 Python Maint - 2.8.2-18
- Rebuilt for Python 3.14
* Wed May 14 2025 Xavier Bachelot [xavier@bachelot.org] - 2.8.2-17
- Add patch to fix python binding tests with python 3.14 (RHBZ#2365819)
* Tue Feb 18 2025 Xavier Bachelot [xavier@bachelot.org] - 2.8.2-16
- Drop EL7/python2 support
- Set min_hash_algo to sha256 for f42+
- Fix conditional around JAVA_HOME export
- Add patch to fix build with gcc15
* Fri Jan 17 2025 Fedora Release Engineering [releng@fedoraproject.org] - 2.8.2-15
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-7e6204e34e' at the command
line.
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 41 Update: docker-buildkit-0.25.2-1.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-122a933cad
2025-11-14 01:07:42.820581+00:00
--------------------------------------------------------------------------------
Name : docker-buildkit
Product : Fedora 41
Version : 0.25.2
Release : 1.fc41
URL : https://github.com/moby/buildkit
Summary : Concurrent, cache-efficient, and Dockerfile-agnostic builder toolkit
Description :
Concurrent, cache-efficient, and Dockerfile-agnostic builder toolkit.
--------------------------------------------------------------------------------
Update Information:
Update to v0.25.2
CVE-2025-58183; Resolves: rhbz#2412529
CVE-2025-58188; Resolves: rhbz#2412380, rhbz#2411476, rhbz#2410945
CVE-2025-58185; Resolves: rhbz#2410578, rhbz#2410299, rhbz#2410013
CVE-2025-61723; Resolves: rhbz#2409627, rhbz#2409349, rhbz#2409065
CVE-2025-58189; Resolves: rhbz#2408157, rhbz#2407880, rhbz#2407612
Upstream updates
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 5 2025 Bradley G Smith [bradley.g.smith@gmail.com] - 0.25.2-1
- Update to v0.25.2
- CVE-2025-58183; Resolves: rhbz#2412529
- CVE-2025-58188; Resolves: rhbz#2412380, rhbz#2411476, rhbz#2410945
- CVE-2025-58185; Resolves: rhbz#2410578, rhbz#2410299, rhbz#2410013
- CVE-2025-61723; Resolves: rhbz#2409627, rhbz#2409349, rhbz#2409065
- CVE-2025-58189; Resolves: rhbz#2408157, rhbz#2407880, rhbz#2407612
- Upstream updates
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2407612 - CVE-2025-58189 docker-buildkit: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2407612
[ 2 ] Bug #2407880 - CVE-2025-58189 docker-buildkit: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2407880
[ 3 ] Bug #2408157 - CVE-2025-58189 docker-buildkit: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408157
[ 4 ] Bug #2409065 - CVE-2025-61723 docker-buildkit: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2409065
[ 5 ] Bug #2409349 - CVE-2025-61723 docker-buildkit: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2409349
[ 6 ] Bug #2409627 - CVE-2025-61723 docker-buildkit: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2409627
[ 7 ] Bug #2410013 - CVE-2025-58185 docker-buildkit: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2410013
[ 8 ] Bug #2410299 - CVE-2025-58185 docker-buildkit: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2410299
[ 9 ] Bug #2410578 - CVE-2025-58185 docker-buildkit: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2410578
[ 10 ] Bug #2410945 - CVE-2025-58188 docker-buildkit: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2410945
[ 11 ] Bug #2411476 - CVE-2025-58188 docker-buildkit: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2411476
[ 12 ] Bug #2412380 - CVE-2025-58188 docker-buildkit: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2412380
[ 13 ] Bug #2412529 - CVE-2025-58183 docker-buildkit: Unbounded allocation when parsing GNU sparse map [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2412529
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-122a933cad' at the command
line.
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 41 Update: runc-1.3.3-1.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-6924245627
2025-11-14 01:07:42.820576+00:00
--------------------------------------------------------------------------------
Name : runc
Product : Fedora 41
Version : 1.3.3
Release : 1.fc41
URL : https://github.com/opencontainers/runc
Summary : CLI for running Open Containers
Description :
The runc command can be used to start containers which are packaged
in accordance with the Open Container Initiative's specifications,
and to manage containers running under runc.
--------------------------------------------------------------------------------
Update Information:
Update to release v1.3.3
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 5 2025 Bradley G Smith [bradley.g.smith@gmail.com] - 2:1.3.3-1
- Update to release v1.3.3
- Resolves: rhbz#2411664, rhbz#2411410, rhbz#2411148
- Resolves: rhbz#2410768, rhbz#2410512, rhbz#2410233
- Resolves: rhbz#2409818, rhbz#2409561, rhbz#2409284
- Resolves: rhbz#2408345, rhbz#2408091, rhbz#2407818
- Security. Fixes CVE-2025-31133, CVE-2025-52565, CVE-2025-52881
- Upstream new feature
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2407818 - CVE-2025-58189 runc: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2407818
[ 2 ] Bug #2408091 - CVE-2025-58189 runc: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2408091
[ 3 ] Bug #2408345 - CVE-2025-58189 runc: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408345
[ 4 ] Bug #2409284 - CVE-2025-61723 runc: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2409284
[ 5 ] Bug #2409561 - CVE-2025-61723 runc: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2409561
[ 6 ] Bug #2409818 - CVE-2025-61723 runc: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2409818
[ 7 ] Bug #2411148 - CVE-2025-58188 runc: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2411148
[ 8 ] Bug #2411410 - CVE-2025-58188 runc: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2411410
[ 9 ] Bug #2411664 - CVE-2025-58188 runc: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2411664
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-6924245627' at the command
line.
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: firefox-145.0-2.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-457ee8a964
2025-11-14 00:51:38.962267+00:00
--------------------------------------------------------------------------------
Name : firefox
Product : Fedora 42
Version : 145.0
Release : 2.fc42
URL : https://www.mozilla.org/firefox/
Summary : Mozilla Firefox Web browser
Description :
Mozilla Firefox is an open-source web browser, designed for standards
compliance, performance and portability.
--------------------------------------------------------------------------------
Update Information:
Updated to latest upstream (145.0)
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 11 2025 Martin Stransky [stransky@redhat.com] - 145.0-2
- Updated to 145.0 B2
* Wed Nov 5 2025 Martin Stransky [stransky@redhat.com] - 145.0-1
- Updated to 145.0
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-457ee8a964' at the command
line.
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: seamonkey-2.53.22-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-4eaa870223
2025-11-14 00:51:38.962256+00:00
--------------------------------------------------------------------------------
Name : seamonkey
Product : Fedora 42
Version : 2.53.22
Release : 1.fc42
URL : http://www.seamonkey-project.org
Summary : Web browser, e-mail, news, IRC client, HTML editor
Description :
SeaMonkey is an all-in-one Internet application suite (previously made
popular by Netscape and Mozilla). It includes an Internet browser,
advanced e-mail, newsgroup and feed client, a calendar, IRC client,
HTML editor and a tool to inspect the DOM for web pages. It is derived
from the application formerly known as Mozilla Application Suite.
--------------------------------------------------------------------------------
Update Information:
Update to 2.53.22
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 5 2025 Dmitry Butskoy [Dmitry@Butskoy.name] 2.53.22-1
- update to 2.53.22
* Wed Aug 20 2025 Dominik Mierzejewski [dominik@greysector.net] - 2.53.21-3
- Drop unused yasm build dependency
See: https://fedoraproject.org/wiki/Changes/DeprecateYASM
* Fri Jul 25 2025 Fedora Release Engineering [releng@fedoraproject.org] - 2.53.21-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-4eaa870223' at the command
line.
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: lasso-2.9.0-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-3edcd991a4
2025-11-14 00:51:38.962258+00:00
--------------------------------------------------------------------------------
Name : lasso
Product : Fedora 42
Version : 2.9.0
Release : 1.fc42
URL : https://lasso.entrouvert.org/
Summary : Liberty Alliance Single Sign On
Description :
Lasso is a library that implements the Liberty Alliance Single Sign On
standards, including the SAML and SAML2 specifications. It allows handling
the whole life-cycle of SAML based Federations, and provides bindings
for multiple languages.
--------------------------------------------------------------------------------
Update Information:
Update to 2.9.0
Fixes CVE-2025-46705
--------------------------------------------------------------------------------
ChangeLog:
* Tue Aug 19 2025 Xavier Bachelot [xavier@bachelot.org] - 2.9.0-1
- Update to 2.9.0 (RHBZ#2387825)
* Fri Aug 15 2025 Python Maint - 2.8.2-21
- Rebuilt for Python 3.14.0rc2 bytecode
* Thu Jul 24 2025 Fedora Release Engineering [releng@fedoraproject.org] - 2.8.2-20
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Mon Jul 7 2025 Jitka Plesnikova [jplesnik@redhat.com] - 2.8.2-19
- Perl 5.42 rebuild
* Mon Jun 2 2025 Python Maint - 2.8.2-18
- Rebuilt for Python 3.14
* Wed May 14 2025 Xavier Bachelot [xavier@bachelot.org] - 2.8.2-17
- Add patch to fix python binding tests with python 3.14 (RHBZ#2365819)
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-3edcd991a4' at the command
line.
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: docker-buildkit-0.25.2-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-ac008831d6
2025-11-14 00:51:38.962251+00:00
--------------------------------------------------------------------------------
Name : docker-buildkit
Product : Fedora 42
Version : 0.25.2
Release : 1.fc42
URL : https://github.com/moby/buildkit
Summary : Concurrent, cache-efficient, and Dockerfile-agnostic builder toolkit
Description :
Concurrent, cache-efficient, and Dockerfile-agnostic builder toolkit.
--------------------------------------------------------------------------------
Update Information:
Update to v0.25.2
CVE-2025-58183; Resolves: rhbz#2412529
CVE-2025-58188; Resolves: rhbz#2412380, rhbz#2411476, rhbz#2410945
CVE-2025-58185; Resolves: rhbz#2410578, rhbz#2410299, rhbz#2410013
CVE-2025-61723; Resolves: rhbz#2409627, rhbz#2409349, rhbz#2409065
CVE-2025-58189; Resolves: rhbz#2408157, rhbz#2407880, rhbz#2407612
Upstream updates
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 5 2025 Bradley G Smith [bradley.g.smith@gmail.com] - 0.25.2-1
- Update to v0.25.2
- CVE-2025-58183; Resolves: rhbz#2412529
- CVE-2025-58188; Resolves: rhbz#2412380, rhbz#2411476, rhbz#2410945
- CVE-2025-58185; Resolves: rhbz#2410578, rhbz#2410299, rhbz#2410013
- CVE-2025-61723; Resolves: rhbz#2409627, rhbz#2409349, rhbz#2409065
- CVE-2025-58189; Resolves: rhbz#2408157, rhbz#2407880, rhbz#2407612
- Upstream updates
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2407612 - CVE-2025-58189 docker-buildkit: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2407612
[ 2 ] Bug #2407880 - CVE-2025-58189 docker-buildkit: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2407880
[ 3 ] Bug #2408157 - CVE-2025-58189 docker-buildkit: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408157
[ 4 ] Bug #2409065 - CVE-2025-61723 docker-buildkit: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2409065
[ 5 ] Bug #2409349 - CVE-2025-61723 docker-buildkit: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2409349
[ 6 ] Bug #2409627 - CVE-2025-61723 docker-buildkit: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2409627
[ 7 ] Bug #2410013 - CVE-2025-58185 docker-buildkit: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2410013
[ 8 ] Bug #2410299 - CVE-2025-58185 docker-buildkit: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2410299
[ 9 ] Bug #2410578 - CVE-2025-58185 docker-buildkit: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2410578
[ 10 ] Bug #2410945 - CVE-2025-58188 docker-buildkit: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2410945
[ 11 ] Bug #2411476 - CVE-2025-58188 docker-buildkit: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2411476
[ 12 ] Bug #2412380 - CVE-2025-58188 docker-buildkit: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2412380
[ 13 ] Bug #2412529 - CVE-2025-58183 docker-buildkit: Unbounded allocation when parsing GNU sparse map [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2412529
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-ac008831d6' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: runc-1.3.3-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-ef192f5d10
2025-11-14 00:51:38.962243+00:00
--------------------------------------------------------------------------------
Name : runc
Product : Fedora 42
Version : 1.3.3
Release : 1.fc42
URL : https://github.com/opencontainers/runc
Summary : CLI for running Open Containers
Description :
The runc command can be used to start containers which are packaged
in accordance with the Open Container Initiative's specifications,
and to manage containers running under runc.
--------------------------------------------------------------------------------
Update Information:
Update to release v1.3.3
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 5 2025 Bradley G Smith [bradley.g.smith@gmail.com] - 2:1.3.3-1
- Update to release v1.3.3
- Resolves: rhbz#2411664, rhbz#2411410, rhbz#2411148
- Resolves: rhbz#2410768, rhbz#2410512, rhbz#2410233
- Resolves: rhbz#2409818, rhbz#2409561, rhbz#2409284
- Resolves: rhbz#2408345, rhbz#2408091, rhbz#2407818
- Security. Fixes CVE-2025-31133, CVE-2025-52565, CVE-2025-52881
- Upstream new feature
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2407818 - CVE-2025-58189 runc: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2407818
[ 2 ] Bug #2408091 - CVE-2025-58189 runc: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2408091
[ 3 ] Bug #2408345 - CVE-2025-58189 runc: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408345
[ 4 ] Bug #2409284 - CVE-2025-61723 runc: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2409284
[ 5 ] Bug #2409561 - CVE-2025-61723 runc: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2409561
[ 6 ] Bug #2409818 - CVE-2025-61723 runc: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2409818
[ 7 ] Bug #2411148 - CVE-2025-58188 runc: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2411148
[ 8 ] Bug #2411410 - CVE-2025-58188 runc: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2411410
[ 9 ] Bug #2411664 - CVE-2025-58188 runc: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2411664
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-ef192f5d10' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: gitleaks-8.29.0-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-a10fad6506
2025-11-14 00:51:38.962233+00:00
--------------------------------------------------------------------------------
Name : gitleaks
Product : Fedora 42
Version : 8.29.0
Release : 1.fc42
URL : https://github.com/zricethezav/gitleaks
Summary : Scan git repos (or files) for secrets using regex and entropy
Description :
Scan git repos (or files) for secrets using regex and entropy.
--------------------------------------------------------------------------------
Update Information:
Update to 8.29.0
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 5 2025 Packit [hello@packit.dev] - 8.29.0-1
- Update to 8.29.0 upstream release
- Resolves: rhbz#2412408
* Fri Oct 10 2025 Alejandro Sáez [asm@redhat.com] - 8.28.0-2
- rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2398693 - CVE-2025-47910 gitleaks: CrossOriginProtection bypass in net/http [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2398693
[ 2 ] Bug #2399374 - CVE-2025-47906 gitleaks: Unexpected paths returned from LookPath in os/exec [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2399374
[ 3 ] Bug #2403150 - CVE-2025-11579 gitleaks: RarDecode Out Of Memory Crash [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2403150
[ 4 ] Bug #2407897 - CVE-2025-58189 gitleaks: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2407897
[ 5 ] Bug #2408173 - CVE-2025-58189 gitleaks: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408173
[ 6 ] Bug #2408645 - CVE-2025-61725 gitleaks: Excessive CPU consumption in ParseAddress in net/mail [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2408645
[ 7 ] Bug #2408707 - CVE-2025-61725 gitleaks: Excessive CPU consumption in ParseAddress in net/mail [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408707
[ 8 ] Bug #2409366 - CVE-2025-61723 gitleaks: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2409366
[ 9 ] Bug #2409643 - CVE-2025-61723 gitleaks: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2409643
[ 10 ] Bug #2410316 - CVE-2025-58185 gitleaks: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2410316
[ 11 ] Bug #2410594 - CVE-2025-58185 gitleaks: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2410594
[ 12 ] Bug #2411217 - CVE-2025-58188 gitleaks: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2411217
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-a10fad6506' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
--------------------------------------------------------------------------------