Fedora 41 Update: xmedcon-0.25.3-1.fc41
Fedora 41 Update: python-pdfminer-20240706-3.fc41
Fedora 42 Update: xmedcon-0.25.3-1.fc42
Fedora 42 Update: suricata-7.0.13-1.fc42
Fedora 42 Update: python-pdfminer-20240706-4.fc42
Fedora 43 Update: fvwm3-1.1.4-1.fc43
Fedora 43 Update: xmedcon-0.25.3-1.fc43
Fedora 43 Update: suricata-7.0.13-1.fc43
Fedora 43 Update: python-pdfminer-20251107-1.fc43
[SECURITY] Fedora 41 Update: xmedcon-0.25.3-1.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-9d4a8ab586
2025-11-17 03:35:27.752042+00:00
--------------------------------------------------------------------------------
Name : xmedcon
Product : Fedora 41
Version : 0.25.3
Release : 1.fc41
URL : http://xmedcon.sourceforge.net/
Summary : A medical image conversion utility and library
Description :
This project stands for Medical Image Conversion and is released under the
GNU's (L)GPL license. It bundles the C source code, a library, a flexible
command-line utility and a graphical front-end based on the amazing Gtk+
toolkit.
Its main purpose is image conversion while preserving valuable medical
study information. The currently supported formats are: Acr/Nema 2.0,
Analyze (SPM), Concorde/uPET, DICOM 3.0, CTI ECAT 6/7, InterFile 3.3
and PNG or Gif87a/89a towards desktop applications.
--------------------------------------------------------------------------------
Update Information:
upgraded to 0.25.3 fixes open bugs, CVEs, etc
--------------------------------------------------------------------------------
ChangeLog:
* Sat Nov 8 2025 Filipe Rosset [rosset.filipe@gmail.com] - 0.25.3-1
- update to 0.25.3
* Fri Jul 25 2025 Fedora Release Engineering [releng@fedoraproject.org] - 0.24.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Sun Jan 19 2025 Fedora Release Engineering [releng@fedoraproject.org] - 0.24.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2335506 - xmedcon-0.25.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2335506
[ 2 ] Bug #2341576 - xmedcon: FTBFS in Fedora rawhide/f42
https://bugzilla.redhat.com/show_bug.cgi?id=2341576
[ 3 ] Bug #2354002 - CVE-2025-2581 xmedcon: xmedcon DICOM File malloc integer underflow [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2354002
[ 4 ] Bug #2385742 - xmedcon: FTBFS in Fedora rawhide/f43
https://bugzilla.redhat.com/show_bug.cgi?id=2385742
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-9d4a8ab586' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 41 Update: python-pdfminer-20240706-3.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-d019d16668
2025-11-17 03:35:27.752017+00:00
--------------------------------------------------------------------------------
Name : python-pdfminer
Product : Fedora 41
Version : 20240706
Release : 3.fc41
URL : https://github.com/pdfminer/pdfminer.six
Summary : Tool for extracting information from PDF documents
Description :
Pdfminer.six is a community maintained fork of the original PDFMiner. It is a
tool for extracting information from PDF documents. It focuses on getting and
analyzing text data. Pdfminer.six extracts the text from a page directly from
the sourcecode of the PDF. It can also be used to get the exact location, font
or color of the text.
It is built in a modular way such that each component of pdfminer.six can be
replaced easily. You can implement your own interpreter or rendering device
that uses the power of pdfminer.six for other purposes than text analysis.
Check out the full documentation on Read the Docs
( https://pdfminersix.readthedocs.io/).
Features:
??? Written entirely in Python.
??? Parse, analyze, and convert PDF documents.
??? PDF-1.7 specification support. (well, almost).
??? CJK languages and vertical writing scripts support.
??? Various font types (Type1, TrueType, Type3, and CID) support.
??? Support for extracting images (JPG, JBIG2, Bitmaps).
??? Support for various compressions (ASCIIHexDecode, ASCII85Decode, LZWDecode,
FlateDecode, RunLengthDecode, CCITTFaxDecode)
??? Support for RC4 and AES encryption.
??? Support for AcroForm interactive form extraction.
??? Table of contents extraction.
??? Tagged contents extraction.
??? Automatic layout analysis.
--------------------------------------------------------------------------------
Update Information:
Backport security fix for GHSA-wf5f-4jwr-ppcp / CVE-2025-64512
--------------------------------------------------------------------------------
ChangeLog:
* Sat Nov 8 2025 Benjamin A. Beasley [code@musicinmybrain.net] - 20240706-3
- Backport security fix for GHSA-wf5f-4jwr-ppcp
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2414290 - CVE-2025-64512 python-pdfminer: pdfminer.six Arbitrary Code Execution via Crafted PDF Input [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2414290
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-d019d16668' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
[SECURITY] Fedora 42 Update: xmedcon-0.25.3-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-805b8f571a
2025-11-17 02:58:37.813536+00:00
--------------------------------------------------------------------------------
Name : xmedcon
Product : Fedora 42
Version : 0.25.3
Release : 1.fc42
URL : http://xmedcon.sourceforge.net/
Summary : A medical image conversion utility and library
Description :
This project stands for Medical Image Conversion and is released under the
GNU's (L)GPL license. It bundles the C source code, a library, a flexible
command-line utility and a graphical front-end based on the amazing Gtk+
toolkit.
Its main purpose is image conversion while preserving valuable medical
study information. The currently supported formats are: Acr/Nema 2.0,
Analyze (SPM), Concorde/uPET, DICOM 3.0, CTI ECAT 6/7, InterFile 3.3
and PNG or Gif87a/89a towards desktop applications.
--------------------------------------------------------------------------------
Update Information:
upgraded to 0.25.3 fixes open bugs, CVEs, etc
--------------------------------------------------------------------------------
ChangeLog:
* Sat Nov 8 2025 Filipe Rosset [rosset.filipe@gmail.com] - 0.25.3-1
- update to 0.25.3
* Fri Jul 25 2025 Fedora Release Engineering [releng@fedoraproject.org] - 0.24.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Sun Jan 19 2025 Fedora Release Engineering [releng@fedoraproject.org] - 0.24.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2335506 - xmedcon-0.25.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2335506
[ 2 ] Bug #2341576 - xmedcon: FTBFS in Fedora rawhide/f42
https://bugzilla.redhat.com/show_bug.cgi?id=2341576
[ 3 ] Bug #2354002 - CVE-2025-2581 xmedcon: xmedcon DICOM File malloc integer underflow [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2354002
[ 4 ] Bug #2385742 - xmedcon: FTBFS in Fedora rawhide/f43
https://bugzilla.redhat.com/show_bug.cgi?id=2385742
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-805b8f571a' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: suricata-7.0.13-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-0490389cb0
2025-11-17 02:58:37.813520+00:00
--------------------------------------------------------------------------------
Name : suricata
Product : Fedora 42
Version : 7.0.13
Release : 1.fc42
URL : https://suricata.io/
Summary : Intrusion Detection System
Description :
The Suricata Engine is an Open Source Next Generation Intrusion
Detection and Prevention Engine. This engine is not intended to
just replace or emulate the existing tools in the industry, but
will bring new ideas and technologies to the field. This new Engine
supports Multi-threading, Automatic Protocol Detection (IP, TCP,
UDP, ICMP, HTTP, TLS, FTP and SMB! ), Gzip Decompression, Fast IP
Matching, and GeoIP identification.
--------------------------------------------------------------------------------
Update Information:
upstream bugfix/security release
--------------------------------------------------------------------------------
ChangeLog:
* Sat Nov 8 2025 Jason Taylor [jtfas90@proton.me] 7.0.13-1
- Upstream bugfix/security release
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-0490389cb0' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: python-pdfminer-20240706-4.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-453047be66
2025-11-17 02:58:37.813495+00:00
--------------------------------------------------------------------------------
Name : python-pdfminer
Product : Fedora 42
Version : 20240706
Release : 4.fc42
URL : https://github.com/pdfminer/pdfminer.six
Summary : Tool for extracting information from PDF documents
Description :
Pdfminer.six is a community maintained fork of the original PDFMiner. It is a
tool for extracting information from PDF documents. It focuses on getting and
analyzing text data. Pdfminer.six extracts the text from a page directly from
the sourcecode of the PDF. It can also be used to get the exact location, font
or color of the text.
It is built in a modular way such that each component of pdfminer.six can be
replaced easily. You can implement your own interpreter or rendering device
that uses the power of pdfminer.six for other purposes than text analysis.
Check out the full documentation on Read the Docs
( https://pdfminersix.readthedocs.io/).
Features:
??? Written entirely in Python.
??? Parse, analyze, and convert PDF documents.
??? PDF-1.7 specification support. (well, almost).
??? CJK languages and vertical writing scripts support.
??? Various font types (Type1, TrueType, Type3, and CID) support.
??? Support for extracting images (JPG, JBIG2, Bitmaps).
??? Support for various compressions (ASCIIHexDecode, ASCII85Decode, LZWDecode,
FlateDecode, RunLengthDecode, CCITTFaxDecode)
??? Support for RC4 and AES encryption.
??? Support for AcroForm interactive form extraction.
??? Table of contents extraction.
??? Tagged contents extraction.
??? Automatic layout analysis.
--------------------------------------------------------------------------------
Update Information:
Backport security fix for GHSA-wf5f-4jwr-ppcp / CVE-2025-64512
--------------------------------------------------------------------------------
ChangeLog:
* Sat Nov 8 2025 Benjamin A. Beasley [code@musicinmybrain.net] - 20240706-4
- Backport security fix for GHSA-wf5f-4jwr-ppcp
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2414291 - CVE-2025-64512 python-pdfminer: pdfminer.six Arbitrary Code Execution via Crafted PDF Input [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2414291
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-453047be66' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
[SECURITY] Fedora 43 Update: fvwm3-1.1.4-1.fc43
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-a5cdd30644
2025-11-17 02:43:35.106057+00:00
--------------------------------------------------------------------------------
Name : fvwm3
Product : Fedora 43
Version : 1.1.4
Release : 1.fc43
URL : https://www.fvwm.org/
Summary : Highly configurable multiple virtual desktop window manager
Description :
Fvwm is a window manager for X11. It is designed to minimize memory
consumption, provide a 3D look to window frames, and implement a virtual
desktop.
--------------------------------------------------------------------------------
Update Information:
FVWM3 ver. 1.1.4
--------------------------------------------------------------------------------
ChangeLog:
* Sun Nov 9 2025 Peter Lemenkov [lemenkov@gmail.com] - 1.1.4-1
- FVWM3 ver. 1.1.4
* Fri Oct 10 2025 Maxwell G [maxwell@gtmx.me] - 1.1.3-6
- Rebuild for golang 1.25.2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2399091 - CVE-2025-47906 fvwm3: Unexpected paths returned from LookPath in os/exec [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2399091
[ 2 ] Bug #2399366 - CVE-2025-47906 fvwm3: Unexpected paths returned from LookPath in os/exec [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2399366
[ 3 ] Bug #2413611 - fvwm3-1.1.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2413611
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-a5cdd30644' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 43 Update: xmedcon-0.25.3-1.fc43
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-977a26e133
2025-11-17 02:43:35.105985+00:00
--------------------------------------------------------------------------------
Name : xmedcon
Product : Fedora 43
Version : 0.25.3
Release : 1.fc43
URL : http://xmedcon.sourceforge.net/
Summary : A medical image conversion utility and library
Description :
This project stands for Medical Image Conversion and is released under the
GNU's (L)GPL license. It bundles the C source code, a library, a flexible
command-line utility and a graphical front-end based on the amazing Gtk+
toolkit.
Its main purpose is image conversion while preserving valuable medical
study information. The currently supported formats are: Acr/Nema 2.0,
Analyze (SPM), Concorde/uPET, DICOM 3.0, CTI ECAT 6/7, InterFile 3.3
and PNG or Gif87a/89a towards desktop applications.
--------------------------------------------------------------------------------
Update Information:
upgraded to 0.25.3 fixes open bugs, CVEs, etc
--------------------------------------------------------------------------------
ChangeLog:
* Sat Nov 8 2025 Filipe Rosset [rosset.filipe@gmail.com] - 0.25.3-1
- update to 0.25.3
* Fri Jul 25 2025 Fedora Release Engineering [releng@fedoraproject.org] - 0.24.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Sun Jan 19 2025 Fedora Release Engineering [releng@fedoraproject.org] - 0.24.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2335506 - xmedcon-0.25.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2335506
[ 2 ] Bug #2341576 - xmedcon: FTBFS in Fedora rawhide/f42
https://bugzilla.redhat.com/show_bug.cgi?id=2341576
[ 3 ] Bug #2354002 - CVE-2025-2581 xmedcon: xmedcon DICOM File malloc integer underflow [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2354002
[ 4 ] Bug #2385742 - xmedcon: FTBFS in Fedora rawhide/f43
https://bugzilla.redhat.com/show_bug.cgi?id=2385742
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-977a26e133' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 43 Update: suricata-7.0.13-1.fc43
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-a366512b23
2025-11-17 02:43:35.105964+00:00
--------------------------------------------------------------------------------
Name : suricata
Product : Fedora 43
Version : 7.0.13
Release : 1.fc43
URL : https://suricata.io/
Summary : Intrusion Detection System
Description :
The Suricata Engine is an Open Source Next Generation Intrusion
Detection and Prevention Engine. This engine is not intended to
just replace or emulate the existing tools in the industry, but
will bring new ideas and technologies to the field. This new Engine
supports Multi-threading, Automatic Protocol Detection (IP, TCP,
UDP, ICMP, HTTP, TLS, FTP and SMB! ), Gzip Decompression, Fast IP
Matching, and GeoIP identification.
--------------------------------------------------------------------------------
Update Information:
Upstream security/bugfix release.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Nov 8 2025 Jason Taylor [jtfas90@proton.me] 7.0.13-1
- Upstream bugfix/security release
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-a366512b23' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 43 Update: python-pdfminer-20251107-1.fc43
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-63872f52bb
2025-11-17 02:43:35.105930+00:00
--------------------------------------------------------------------------------
Name : python-pdfminer
Product : Fedora 43
Version : 20251107
Release : 1.fc43
URL : https://github.com/pdfminer/pdfminer.six
Summary : Tool for extracting information from PDF documents
Description :
Pdfminer.six is a community maintained fork of the original PDFMiner. It is a
tool for extracting information from PDF documents. It focuses on getting and
analyzing text data. Pdfminer.six extracts the text from a page directly from
the sourcecode of the PDF. It can also be used to get the exact location, font
or color of the text.
It is built in a modular way such that each component of pdfminer.six can be
replaced easily. You can implement your own interpreter or rendering device
that uses the power of pdfminer.six for other purposes than text analysis.
Check out the full documentation on Read the Docs
( https://pdfminersix.readthedocs.io/).
Features:
??? Written entirely in Python.
??? Parse, analyze, and convert PDF documents.
??? PDF-1.7 specification support. (well, almost).
??? CJK languages and vertical writing scripts support.
??? Various font types (Type1, TrueType, Type3, and CID) support.
??? Support for extracting images (JPG, JBIG2, Bitmaps).
??? Support for various compressions (ASCIIHexDecode, ASCII85Decode, LZWDecode,
FlateDecode, RunLengthDecode, CCITTFaxDecode)
??? Support for RC4 and AES encryption.
??? Support for AcroForm interactive form extraction.
??? Table of contents extraction.
??? Tagged contents extraction.
??? Automatic layout analysis.
--------------------------------------------------------------------------------
Update Information:
Update to 20251107
Fix: arbitary code execution when loading pickle font files
Security fix for GHSA-wf5f-4jwr-ppcp / CVE-2025-64512
--------------------------------------------------------------------------------
ChangeLog:
* Fri Nov 7 2025 Benjamin A. Beasley [code@musicinmybrain.net] - 20251107-1
- Update to 20251107 (fixes RHBZ#2413443)
- Security fix for GHSA-wf5f-4jwr-ppcp
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2413443 - python-pdfminer-20251107 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2413443
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-63872f52bb' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
