Fedora Linux 8637 Published by

The following security updates have been released for Fedora 40:

Fedora 40 Update: wildcard-0.3.3-3.fc40
Fedora 40 Update: snapshot-46.3-2.fc40
Fedora 40 Update: system76-keyboard-configurator-1.3.10-3.fc40
Fedora 40 Update: sudo-rs-0.2.2-3.fc40
Fedora 40 Update: ntpd-rs-1.1.2-2.fc40
Fedora 40 Update: maturin-1.5.1-2.fc40
Fedora 40 Update: loupe-46.2-2.fc40
Fedora 40 Update: gnome-tour-46.0-2.fc40
Fedora 40 Update: glycin-loaders-1.0.1-4.fc40
Fedora 40 Update: buildah-1.35.4-1.fc40




Fedora 40 Update: wildcard-0.3.3-3.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-ce2936b568
2024-05-26 01:25:15.719720
--------------------------------------------------------------------------------

Name : wildcard
Product : Fedora 40
Version : 0.3.3
Release : 3.fc40
URL : https://gitlab.gnome.org/World/Wildcard
Summary : Test your regular expressions
Description :
Wildcard gives you a nice and simple to use interface to test/practice regular
expressions.

--------------------------------------------------------------------------------
Update Information:

This update contains builds from a mini-mass-rebuild for Rust applications (and
some C-style libraries).
Rebuilding with the Rust 1.78 toolchain should fix incomplete debug information
for the Rust standard library (and the resulting low-quality stack traces).
Additionally, builds will have picked up fixes for some minor low-priority
security and / or safety fixes in crate dependencies that had not yet been
handled via a separate (targeted) rebuild:
h2 v0.3.26+ (denial-of-service):
https://rustsec.org/advisories/RUSTSEC-2024-0332.html
glib v0.19.4+ and backports (UB): https://github.com/gtk-rs/gtk-rs-
core/pull/1343
hashbrown v0.14.5+ (UB): https://github.com/rust-lang/hashbrown/pull/511
rustls v0.22.4+, v0.21.11+ (denial-of-service):
https://rustsec.org/advisories/RUSTSEC-2024-0336.html
--------------------------------------------------------------------------------
ChangeLog:

* Fri May 24 2024 Fabio Valentini [decathorpe@gmail.com] - 0.3.3-3
- Rebuild with Rust 1.78 to fix incomplete debuginfo and backtraces
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-ce2936b568' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--



Fedora 40 Update: snapshot-46.3-2.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-ce2936b568
2024-05-26 01:25:15.719720
--------------------------------------------------------------------------------

Name : snapshot
Product : Fedora 40
Version : 46.3
Release : 2.fc40
URL : https://gitlab.gnome.org/GNOME/snapshot
Summary : Take pictures and videos
Description :
Take pictures and videos on your computer, tablet, or phone.

--------------------------------------------------------------------------------
Update Information:

This update contains builds from a mini-mass-rebuild for Rust applications (and
some C-style libraries).
Rebuilding with the Rust 1.78 toolchain should fix incomplete debug information
for the Rust standard library (and the resulting low-quality stack traces).
Additionally, builds will have picked up fixes for some minor low-priority
security and / or safety fixes in crate dependencies that had not yet been
handled via a separate (targeted) rebuild:
h2 v0.3.26+ (denial-of-service):
https://rustsec.org/advisories/RUSTSEC-2024-0332.html
glib v0.19.4+ and backports (UB): https://github.com/gtk-rs/gtk-rs-
core/pull/1343
hashbrown v0.14.5+ (UB): https://github.com/rust-lang/hashbrown/pull/511
rustls v0.22.4+, v0.21.11+ (denial-of-service):
https://rustsec.org/advisories/RUSTSEC-2024-0336.html
--------------------------------------------------------------------------------
ChangeLog:

* Fri May 24 2024 Fabio Valentini [decathorpe@gmail.com] - 46.3-2
- Rebuild with Rust 1.78 to fix incomplete debuginfo and backtraces
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-ce2936b568' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--



Fedora 40 Update: system76-keyboard-configurator-1.3.10-3.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-ce2936b568
2024-05-26 01:25:15.719720
--------------------------------------------------------------------------------

Name : system76-keyboard-configurator
Product : Fedora 40
Version : 1.3.10
Release : 3.fc40
URL : https://github.com/pop-os/keyboard-configurator
Summary : System76 Keyboard Configurator
Description :
Application for configuration of System76 keyboard firmware.

--------------------------------------------------------------------------------
Update Information:

This update contains builds from a mini-mass-rebuild for Rust applications (and
some C-style libraries).
Rebuilding with the Rust 1.78 toolchain should fix incomplete debug information
for the Rust standard library (and the resulting low-quality stack traces).
Additionally, builds will have picked up fixes for some minor low-priority
security and / or safety fixes in crate dependencies that had not yet been
handled via a separate (targeted) rebuild:
h2 v0.3.26+ (denial-of-service):
https://rustsec.org/advisories/RUSTSEC-2024-0332.html
glib v0.19.4+ and backports (UB): https://github.com/gtk-rs/gtk-rs-
core/pull/1343
hashbrown v0.14.5+ (UB): https://github.com/rust-lang/hashbrown/pull/511
rustls v0.22.4+, v0.21.11+ (denial-of-service):
https://rustsec.org/advisories/RUSTSEC-2024-0336.html
--------------------------------------------------------------------------------
ChangeLog:

* Fri May 24 2024 Fabio Valentini [decathorpe@gmail.com] - 1.3.10-3
- Rebuild with Rust 1.78 to fix incomplete debuginfo and backtraces
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-ce2936b568' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--



Fedora 40 Update: sudo-rs-0.2.2-3.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-ce2936b568
2024-05-26 01:25:15.719720
--------------------------------------------------------------------------------

Name : sudo-rs
Product : Fedora 40
Version : 0.2.2
Release : 3.fc40
URL : https://github.com/memorysafety/sudo-rs
Summary : Memory safe implementation of sudo and su
Description :
A memory safe implementation of sudo and su.

--------------------------------------------------------------------------------
Update Information:

This update contains builds from a mini-mass-rebuild for Rust applications (and
some C-style libraries).
Rebuilding with the Rust 1.78 toolchain should fix incomplete debug information
for the Rust standard library (and the resulting low-quality stack traces).
Additionally, builds will have picked up fixes for some minor low-priority
security and / or safety fixes in crate dependencies that had not yet been
handled via a separate (targeted) rebuild:
h2 v0.3.26+ (denial-of-service):
https://rustsec.org/advisories/RUSTSEC-2024-0332.html
glib v0.19.4+ and backports (UB): https://github.com/gtk-rs/gtk-rs-
core/pull/1343
hashbrown v0.14.5+ (UB): https://github.com/rust-lang/hashbrown/pull/511
rustls v0.22.4+, v0.21.11+ (denial-of-service):
https://rustsec.org/advisories/RUSTSEC-2024-0336.html
--------------------------------------------------------------------------------
ChangeLog:

* Thu May 23 2024 Fabio Valentini [decathorpe@gmail.com] - 0.2.2-3
- Rebuild with Rust 1.78 to fix incomplete debuginfo and backtraces
* Tue Mar 19 2024 Fabio Valentini [decathorpe@gmail.com] - 0.2.2-2
- Regenerate with rust2rpm v26
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-ce2936b568' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--



Fedora 40 Update: ntpd-rs-1.1.2-2.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-ce2936b568
2024-05-26 01:25:15.719720
--------------------------------------------------------------------------------

Name : ntpd-rs
Product : Fedora 40
Version : 1.1.2
Release : 2.fc40
URL : https://github.com/pendulum-project/ntpd-rs
Summary : Full-featured implementation of NTP with NTS support
Description :
Full-featured implementation of NTP with NTS support.

--------------------------------------------------------------------------------
Update Information:

This update contains builds from a mini-mass-rebuild for Rust applications (and
some C-style libraries).
Rebuilding with the Rust 1.78 toolchain should fix incomplete debug information
for the Rust standard library (and the resulting low-quality stack traces).
Additionally, builds will have picked up fixes for some minor low-priority
security and / or safety fixes in crate dependencies that had not yet been
handled via a separate (targeted) rebuild:
h2 v0.3.26+ (denial-of-service):
https://rustsec.org/advisories/RUSTSEC-2024-0332.html
glib v0.19.4+ and backports (UB): https://github.com/gtk-rs/gtk-rs-
core/pull/1343
hashbrown v0.14.5+ (UB): https://github.com/rust-lang/hashbrown/pull/511
rustls v0.22.4+, v0.21.11+ (denial-of-service):
https://rustsec.org/advisories/RUSTSEC-2024-0336.html
--------------------------------------------------------------------------------
ChangeLog:

* Thu May 23 2024 Fabio Valentini [decathorpe@gmail.com] - 1.1.2-2
- Rebuild with Rust 1.78 to fix incomplete debuginfo and backtraces
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-ce2936b568' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--



Fedora 40 Update: maturin-1.5.1-2.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-ce2936b568
2024-05-26 01:25:15.719720
--------------------------------------------------------------------------------

Name : maturin
Product : Fedora 40
Version : 1.5.1
Release : 2.fc40
URL : https://github.com/PyO3/maturin
Summary : Build and publish Rust crates as Python packages
Description :
Build and publish crates with pyo3, rust-cpython and cffi bindings as
well as rust binaries as python packages.

--------------------------------------------------------------------------------
Update Information:

This update contains builds from a mini-mass-rebuild for Rust applications (and
some C-style libraries).
Rebuilding with the Rust 1.78 toolchain should fix incomplete debug information
for the Rust standard library (and the resulting low-quality stack traces).
Additionally, builds will have picked up fixes for some minor low-priority
security and / or safety fixes in crate dependencies that had not yet been
handled via a separate (targeted) rebuild:
h2 v0.3.26+ (denial-of-service):
https://rustsec.org/advisories/RUSTSEC-2024-0332.html
glib v0.19.4+ and backports (UB): https://github.com/gtk-rs/gtk-rs-
core/pull/1343
hashbrown v0.14.5+ (UB): https://github.com/rust-lang/hashbrown/pull/511
rustls v0.22.4+, v0.21.11+ (denial-of-service):
https://rustsec.org/advisories/RUSTSEC-2024-0336.html
--------------------------------------------------------------------------------
ChangeLog:

* Thu May 23 2024 Fabio Valentini [decathorpe@gmail.com] - 1.5.1-2
- Rebuild with Rust 1.78 to fix incomplete debuginfo and backtraces
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-ce2936b568' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--



Fedora 40 Update: loupe-46.2-2.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-ce2936b568
2024-05-26 01:25:15.719720
--------------------------------------------------------------------------------

Name : loupe
Product : Fedora 40
Version : 46.2
Release : 2.fc40
URL : https://gitlab.gnome.org/GNOME/loupe
Summary : Image viewer
Description :
An image viewer application written with GTK 4, Libadwaita and Rust.

Features:

- Fast GPU accelerated image rendering with tiled rendering for SVGs
- Extendable and sandboxed (expect SVG) image decoding
- Support for more than 15 image formats by default
- Extensive support for touchpad and touchscreen gestures
- Accessible presentation of the most important metadata
- Sleek but powerful interface developed in conjunction with GNOME Human
Interface Guidelines

--------------------------------------------------------------------------------
Update Information:

This update contains builds from a mini-mass-rebuild for Rust applications (and
some C-style libraries).
Rebuilding with the Rust 1.78 toolchain should fix incomplete debug information
for the Rust standard library (and the resulting low-quality stack traces).
Additionally, builds will have picked up fixes for some minor low-priority
security and / or safety fixes in crate dependencies that had not yet been
handled via a separate (targeted) rebuild:
h2 v0.3.26+ (denial-of-service):
https://rustsec.org/advisories/RUSTSEC-2024-0332.html
glib v0.19.4+ and backports (UB): https://github.com/gtk-rs/gtk-rs-
core/pull/1343
hashbrown v0.14.5+ (UB): https://github.com/rust-lang/hashbrown/pull/511
rustls v0.22.4+, v0.21.11+ (denial-of-service):
https://rustsec.org/advisories/RUSTSEC-2024-0336.html
--------------------------------------------------------------------------------
ChangeLog:

* Fri May 24 2024 Fabio Valentini [decathorpe@gmail.com] - 46.2-2
- Rebuild with Rust 1.78 to fix incomplete debuginfo and backtraces
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-ce2936b568' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--



Fedora 40 Update: gnome-tour-46.0-2.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-ce2936b568
2024-05-26 01:25:15.719720
--------------------------------------------------------------------------------

Name : gnome-tour
Product : Fedora 40
Version : 46.0
Release : 2.fc40
URL : https://gitlab.gnome.org/GNOME/gnome-tour
Summary : GNOME Tour and Greeter
Description :
A guided tour and greeter for GNOME.

--------------------------------------------------------------------------------
Update Information:

This update contains builds from a mini-mass-rebuild for Rust applications (and
some C-style libraries).
Rebuilding with the Rust 1.78 toolchain should fix incomplete debug information
for the Rust standard library (and the resulting low-quality stack traces).
Additionally, builds will have picked up fixes for some minor low-priority
security and / or safety fixes in crate dependencies that had not yet been
handled via a separate (targeted) rebuild:
h2 v0.3.26+ (denial-of-service):
https://rustsec.org/advisories/RUSTSEC-2024-0332.html
glib v0.19.4+ and backports (UB): https://github.com/gtk-rs/gtk-rs-
core/pull/1343
hashbrown v0.14.5+ (UB): https://github.com/rust-lang/hashbrown/pull/511
rustls v0.22.4+, v0.21.11+ (denial-of-service):
https://rustsec.org/advisories/RUSTSEC-2024-0336.html
--------------------------------------------------------------------------------
ChangeLog:

* Fri May 24 2024 Fabio Valentini [decathorpe@gmail.com] - 46.0-2
- Rebuild with Rust 1.78 to fix incomplete debuginfo and backtraces.
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-ce2936b568' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--



Fedora 40 Update: glycin-loaders-1.0.1-4.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-ce2936b568
2024-05-26 01:25:15.719720
--------------------------------------------------------------------------------

Name : glycin-loaders
Product : Fedora 40
Version : 1.0.1
Release : 4.fc40
URL : https://gitlab.gnome.org/sophie-h/glycin
Summary : Sandboxed image rendering
Description :
Sandboxed and extendable image decoding.

--------------------------------------------------------------------------------
Update Information:

This update contains builds from a mini-mass-rebuild for Rust applications (and
some C-style libraries).
Rebuilding with the Rust 1.78 toolchain should fix incomplete debug information
for the Rust standard library (and the resulting low-quality stack traces).
Additionally, builds will have picked up fixes for some minor low-priority
security and / or safety fixes in crate dependencies that had not yet been
handled via a separate (targeted) rebuild:
h2 v0.3.26+ (denial-of-service):
https://rustsec.org/advisories/RUSTSEC-2024-0332.html
glib v0.19.4+ and backports (UB): https://github.com/gtk-rs/gtk-rs-
core/pull/1343
hashbrown v0.14.5+ (UB): https://github.com/rust-lang/hashbrown/pull/511
rustls v0.22.4+, v0.21.11+ (denial-of-service):
https://rustsec.org/advisories/RUSTSEC-2024-0336.html
--------------------------------------------------------------------------------
ChangeLog:

* Fri May 24 2024 Fabio Valentini [decathorpe@gmail.com] - 1.0.1-4
- Rebuild with Rust 1.78 to fix incomplete debuginfo and backtraces
* Tue Apr 9 2024 Yaakov Selkowitz [yselkowi@redhat.com] - 1.0.1-3
- Disable jpegxl loader in RHEL builds
* Thu Apr 4 2024 Yaakov Selkowitz [yselkowi@redhat.com] - 1.0.1-2
- Add library dependencies
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-ce2936b568' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--



Fedora 40 Update: buildah-1.35.4-1.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-77a0ab280f
2024-05-26 01:25:15.719391
--------------------------------------------------------------------------------

Name : buildah
Product : Fedora 40
Version : 1.35.4
Release : 1.fc40
URL : https://buildah.io
Summary : A command line tool used for creating OCI Images
Description :
The buildah package provides a command line tool which can be used to
* create a working container from scratch
or
* create a working container from an image as a starting point
* mount/umount a working container's root file system for manipulation
* save container's root file system layer to create a new image
* delete a working container or an image

--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2024-3727
Automatic update for buildah-1.35.4-1.fc40.
Changelog for buildah
* Fri May 10 2024 Packit [hello@packit.dev] - 1.35.4-1
- Update to 1.35.4 upstream release
--------------------------------------------------------------------------------
ChangeLog:

* Fri May 10 2024 Packit [hello@packit.dev] - 1.35.4-1
- Update to 1.35.4 upstream release
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-77a0ab280f' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--