Fedora 42 Update: mod_md-2.6.6-1.fc42
Fedora 42 Update: webkitgtk-2.50.3-1.fc42
Fedora 42 Update: conda-build-25.4.0-1.fc42
Fedora 43 Update: util-linux-2.41.3-7.fc43
Fedora 43 Update: assimp-6.0.2-4.fc43
Fedora 43 Update: mod_md-2.6.7-1.fc43
[SECURITY] Fedora 42 Update: mod_md-2.6.6-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-7b0d558ac5
2025-12-17 01:31:51.636626+00:00
--------------------------------------------------------------------------------
Name : mod_md
Product : Fedora 42
Version : 2.6.6
Release : 1.fc42
URL : https://icing.github.io/mod_md/
Summary : Certificate provisioning using ACME for the Apache HTTP Server
Description :
This module manages common properties of domains for one or more
virtual hosts. Specifically it can use the ACME protocol to automate
certificate provisioning. Certificates will be configured for managed
domains and their virtual hosts automatically, including at renewal.
--------------------------------------------------------------------------------
Update Information:
This update includes the latest upstream release of mod_md, with various bug
fixes and enhancements. See https://github.com/icing/mod_md/releases for more
information.
A fix for the security vulnerability CVE-2025-55753 is also included.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 5 2025 Joe Orton [jorton@redhat.com] - 1:2.6.6-1
- update to 2.6.6
* Mon Sep 29 2025 Joe Orton [jorton@redhat.com] - 1:2.6.2-1
- update to 2.6.2
* Thu Jul 24 2025 Fedora Release Engineering [releng@fedoraproject.org] - 1:2.4.26-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2420212 - CVE-2025-55753 httpd: Apache HTTP Server: mod_md (ACME), unintended retry intervals [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2420212
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-7b0d558ac5' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: webkitgtk-2.50.3-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-7536d2d941
2025-12-17 01:31:51.636587+00:00
--------------------------------------------------------------------------------
Name : webkitgtk
Product : Fedora 42
Version : 2.50.3
Release : 1.fc42
URL : https://www.webkitgtk.org/
Summary : GTK web content engine library
Description :
WebKitGTK is the port of the WebKit web rendering engine to the
GTK platform.
--------------------------------------------------------------------------------
Update Information:
Fix seeking and looping of media elements that set the loop property.
Fix several crashes and rendering issues.
Fix CVE-2025-13947, CVE-2025-43458, CVE-2025-66287
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 5 2025 Michael Catanzaro [mcatanzaro@redhat.com] - 2.50.3-1
- Update to 2.50.3
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2418580 - CVE-2025-13947 webkitgtk: WebKitGTK: Remote user-assisted information disclosure via file drag-and-drop [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2418580
[ 2 ] Bug #2418862 - CVE-2025-43458 webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2418862
[ 3 ] Bug #2418866 - CVE-2025-66287 webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2418866
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-7536d2d941' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: conda-build-25.4.0-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-eb0eab6793
2025-12-17 01:31:51.636606+00:00
--------------------------------------------------------------------------------
Name : conda-build
Product : Fedora 42
Version : 25.4.0
Release : 1.fc42
URL : https://github.com/conda/conda-build
Summary : Commands and tools for building conda packages
Description :
You can easily build your own packages for conda, and upload them to
anaconda.org, a free service for hosting packages for conda, as well as other
package managers. To build a package, create a recipe. See
http://github.com/conda/conda-recipes for many example recipes, and
http://conda.pydata.org/docs/build.html for documentation on how to build
recipes.
To upload to anaconda.org, create an account. Then, install the
anaconda-client and login
$ conda install anaconda-client
$ anaconda login
Then, after you build your recipe
$ conda build
you will be prompted to upload to anaconda.org.
To add your anaconda.org channel, or the channel of others to conda so that
conda install will find and install their packages, run
$ conda config --add channels https://conda.anaconda.org/username
(replacing username with the user name of the person whose channel you want to
add).
--------------------------------------------------------------------------------
Update Information:
Update to 25.4.0
--------------------------------------------------------------------------------
ChangeLog:
* Mon Dec 8 2025 Orion Poplawski [orion@nwra.com] - 25.4.0-1
- Update to 25.4.0 (CVE-2025-32797, CVE-2025-32798, CVE-2025-32799,
CVE-2025-32800)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2373074 - CVE-2025-32797 conda-build: Conda-build Code Execution [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2373074
[ 2 ] Bug #2373086 - CVE-2025-32800 conda-build: Conda-build supply chain confusion [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2373086
[ 3 ] Bug #2373088 - CVE-2025-32798 conda-build: Conda-build Code Execution [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2373088
[ 4 ] Bug #2373089 - CVE-2025-32799 conda-build: Conda-build Path Traversal [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2373089
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-eb0eab6793' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 43 Update: util-linux-2.41.3-7.fc43
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-40fe2fec53
2025-12-17 01:12:56.966742+00:00
--------------------------------------------------------------------------------
Name : util-linux
Product : Fedora 43
Version : 2.41.3
Release : 7.fc43
URL : https://en.wikipedia.org/wiki/Util-linux
Summary : Collection of basic system utilities
Description :
The util-linux package contains a large variety of low-level system
utilities that are necessary for a Linux system to function. Among
others, util-linux contains the fdisk configuration tool and the login
program.
--------------------------------------------------------------------------------
Update Information:
upstream stable upgrade from 2.41.1 to 2.41.3 (CVE-2025-14104 and other issues)
--------------------------------------------------------------------------------
ChangeLog:
* Mon Dec 15 2025 Karel Zak [kzak@redhat.com] - 2.41.3-7
- upgrade to upstream release v2.41.3
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-40fe2fec53' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 43 Update: assimp-6.0.2-4.fc43
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-0f4b31c58e
2025-12-17 01:12:56.966718+00:00
--------------------------------------------------------------------------------
Name : assimp
Product : Fedora 43
Version : 6.0.2
Release : 4.fc43
URL : https://github.com/assimp/assimp
Summary : Library to import various 3D model formats into applications
Description :
Assimp, the Open Asset Import Library, is a free library to import
various well-known 3D model formats into applications. Assimp aims
to provide a full asset conversion pipeline for use in game
engines and real-time rendering systems, but is not limited
to these applications.
--------------------------------------------------------------------------------
Update Information:
Backport fix for CVE-2025-11277
--------------------------------------------------------------------------------
ChangeLog:
* Sun Dec 14 2025 Sandro Mani [manisandro@gmail.com] - 6.0.2-4
- Backport fix for CVE-2025-11277
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-0f4b31c58e' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 43 Update: mod_md-2.6.7-1.fc43
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-24282560e4
2025-12-17 01:12:56.966701+00:00
--------------------------------------------------------------------------------
Name : mod_md
Product : Fedora 43
Version : 2.6.7
Release : 1.fc43
URL : https://icing.github.io/mod_md/
Summary : Certificate provisioning using ACME for the Apache HTTP Server
Description :
This module manages common properties of domains for one or more
virtual hosts. Specifically it can use the ACME protocol to automate
certificate provisioning. Certificates will be configured for managed
domains and their virtual hosts automatically, including at renewal.
--------------------------------------------------------------------------------
Update Information:
This update includes the latest upstream release of mod_md, with various bug
fixes and enhancements. See https://github.com/icing/mod_md/releases for more
information.
A fix for the security vulnerability CVE-2025-55753 is also included.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Dec 8 2025 Joe Orton [jorton@redhat.com] - 1:2.6.7-1
- update to 2.6.7.
* Fri Dec 5 2025 Joe Orton [jorton@redhat.com] - 1:2.6.6-1
- update to 2.6.6
* Mon Sep 29 2025 Joe Orton [jorton@redhat.com] - 1:2.6.2-1
- update to 2.6.2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2420213 - CVE-2025-55753 httpd: Apache HTTP Server: mod_md (ACME), unintended retry intervals [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2420213
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-24282560e4' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
