Fedora Security Advisories

FEDORA-EPEL-2025-bc46c9a9b9 Packages in this update:

• python-pdfminer-20251107-1.el10_1

Update description:

Update to 20251107

Fix: arbitary code execution when loading pickle font files

Security fix for GHSA-wf5f-4jwr-ppcp

FEDORA-EPEL-2025-58acb12ebc Packages in this update:

• python-pdfminer-20251107-1.el10_2

Update description:

Update to 20251107

Fix: arbitary code execution when loading pickle font files

Security fix for GHSA-wf5f-4jwr-ppcp

FEDORA-2025-63872f52bb Packages in this update:

• python-pdfminer-20251107-1.fc43

Update description:

Update to 20251107

Fix: arbitary code execution when loading pickle font files

Security fix for GHSA-wf5f-4jwr-ppcp

FEDORA-2025-d9f9394ecd Packages in this update:

• bind9-next-9.21.14-2.fc42

Update description: Update to 9.21.14 (rhbz#2394406) Security Fixes:

• DNSSEC validation fails if matching but invalid DNSKEY is found. (CVE-2025-8677)
• Address various spoofing attacks. (CVE-2025-40778)
• Cache-poisoning due to weak pseudo-random number generator. (CVE-2025-40780)

New Features:

• Add dnssec-policy keys configuration check to named-checkconf.
• Add support for synthetic records.
• Support for zone-specific plugins.
• Support for additional tokens in the zone file name template.

Removed Features:

• Remove randomized RRset ordering.

and bug fixes

https://downloads.isc.org/isc/bind9/9.21.14/doc/arm/html/notes.html#notes-for-bind-9-21-14

FEDORA-2025-b68f7f541d Packages in this update:

• bind9-next-9.21.14-2.fc43

Update description: Update to 9.21.14 (rhbz#2394406) Security Fixes:

• DNSSEC validation fails if matching but invalid DNSKEY is found. (CVE-2025-8677)
• Address various spoofing attacks. (CVE-2025-40778)
• Cache-poisoning due to weak pseudo-random number generator. (CVE-2025-40780)

New Features:

• Add dnssec-policy keys configuration check to named-checkconf.
• Add support for synthetic records.
• Support for zone-specific plugins.
• Support for additional tokens in the zone file name template.

Removed Features:

• Remove randomized RRset ordering.

and bug fixes

https://downloads.isc.org/isc/bind9/9.21.14/doc/arm/html/notes.html#notes-for-bind-9-21-14

FEDORA-2025-21b93506d5 Packages in this update:

• opentofu-1.10.7-1.fc43

Update description:

Update to 1.10.7

FEDORA-EPEL-2025-253e2f06c2 Packages in this update:

• opentofu-1.10.7-1.el10_2

Update description:

Update to 1.10.7

FEDORA-2025-c555ce4089 Packages in this update:

• opentofu-1.10.7-1.fc41

Update description:

Update to 1.10.7

FEDORA-2025-6ab111452f Packages in this update:

• opentofu-1.10.7-1.fc42

Update description:

Update to 1.10.7

FEDORA-2025-ffac32ead0 Packages in this update:

• containerd-2.1.5-1.fc43

Update description:

Update to release v2.1.5

FEDORA-2025-daa6238745 Packages in this update:

• containerd-2.0.7-1.fc42

Update description:

Update to v2.0.7

FEDORA-2025-80ed98504b Packages in this update:

• containerd-1.7.29-1.fc41

Update description:

Update to v1.7.29

FEDORA-2025-3e245eae46 Packages in this update:

• bind-9.18.41-2.fc43

Update description:

Fix dual-signed domains verification, when one of algorithms is not supported.

FEDORA-2025-3edcd991a4 Packages in this update:

• lasso-2.9.0-1.fc42

Update description:

Update to 2.9.0 Fixes CVE-2025-46705

FEDORA-EPEL-2025-7a8a4f68b8 Packages in this update:

• lasso-2.9.0-1.el10_2

Update description:

Update to 2.9.0 Fixes CVE-2025-46705

FEDORA-EPEL-2025-6099a398a7 Packages in this update:

• lasso-2.9.0-1.el10_1

Update description:

Update to 2.9.0 Fixes CVE-2025-46705

FEDORA-2025-7e6204e34e Packages in this update:

• lasso-2.9.0-1.fc41

Update description:

Update to 2.9.0 Fixes CVE-2025-46705

FEDORA-EPEL-2025-20224e07f9 Packages in this update:

• seamonkey-2.53.22-1.el8

Update description:

Update to 2.53.22

FEDORA-EPEL-2025-f748b535ef Packages in this update:

• seamonkey-2.53.22-1.el9

Update description:

Update to 2.53.22

FEDORA-2025-e49d776723 Packages in this update:

• seamonkey-2.53.22-1.fc41

Update description:

Update to 2.53.22