Fedora Security Advisories

FEDORA-EPEL-2025-4389396ea7 Packages in this update:

• suricata-7.0.9-1.el8

Update description:

Various security, performance, accuracy, and stability issues have been fixed. LibHTP has been updated to version 0.5.50 which is bundled with this new release. This fixes:

CVE-2025-29915: HIGH CVE-2025-29917: HIGH CVE-2025-29918: HIGH CVE-2025-29916: Moderate

FEDORA-2025-109f69791e Packages in this update:

• suricata-7.0.9-1.fc41

Update description:

Various security, performance, accuracy, and stability issues have been fixed. LibHTP has been updated to version 0.5.50 which is bundled with this new release. This fixes:

CVE-2025-29915: HIGH CVE-2025-29917: HIGH CVE-2025-29918: HIGH CVE-2025-29916: Moderate

FEDORA-2025-92362585e0 Packages in this update:

• containerd-1.7.27-1.fc41

Update description:

Update to v1.7.27 for F41

FEDORA-2025-73800111e8 Packages in this update:

• golang-github-openprinting-ipp-usb-0.9.30-1.fc41

Update description:

0.9.30, rebuild due golang CVE-2025-22870

FEDORA-2025-0951177024 Packages in this update:

• nodejs-nodemon-3.1.9-3.fc41

Update description: Added patch for CVE-2024-4068 (rhbz#2280624)

FEDORA-2025-7d7b644265 Packages in this update:

• nodejs-nodemon-3.1.9-4.fc42

Update description: Added patch for CVE-2024-4068 (rhbz#2280624)

FEDORA-2025-9a278a7768 Packages in this update:

• nodejs-nodemon-3.1.9-3.fc40

Update description: Added patch for CVE-2024-4068 (rhbz#2280624)

FEDORA-2025-cc269f80fa Packages in this update:

• rust-zincati-0.0.30-1.fc41

Update description:

New upstream release v0.0.30 see: https://github.com/coreos/zincati/releases/tag/v0.0.30

Backport polkit rules patch for CVE-2025-27512

• https://github.com/coreos/zincati/security/advisories/GHSA-w6fv-6gcc-x825
• https://www.cve.org/CVERecord?id=CVE-2025-27512
• https://github.com/coreos/zincati/commit/920ac90204830e43fd597f3dcbacf0d772b50a81

FEDORA-2025-43bcbb0795 Packages in this update:

• rust-zincati-0.0.30-1.fc40

Update description:

New upstream release v0.0.30 see: https://github.com/coreos/zincati/releases/tag/v0.0.30

FEDORA-2025-19fabb2ca6 Packages in this update:

• rust-zincati-0.0.30-1.fc42

Update description:

New upstream release v0.0.30 see: https://github.com/coreos/zincati/releases/tag/v0.0.30

FEDORA-2025-35347bf9f0 Packages in this update:

• bluez-5.80-1.fc42
• iwd-3.4-1.fc42
• libell-0.74-1.fc42

Update description:

bluez 5.80:

Fix issue with handling address type for all types of keys. Fix issue with handling maximum number of GATT channels. Fix issue with handling MTU auto-tuning feature. Fix issue with handling AVRCP volume in reconfigured transports. Fix issue with handling VCP volume setting requests. Fix issue with handling VCP connection management. Fix issue with handling MAP qualification. Fix issue with handling PBAP qualification. Fix issue with handling BNEP qualification. Add support for PreferredBearer device property. Add support for SupportedTypes Message Access property. Add support for HFP, A2DP, AVRCP, AVCTP and MAP latest versions.

iwd 3.4:

Add support for the Test Anything Protocol.

libell 0.74:

Add support for NIST P-192 curve usage with ECDH. Add support for SHA-224 based checksums and HMACs.

libell 0.73:

Fix issue with parsing hwdb.bin child structures.

libell 0.72:

Add support for the Test Anything Protocol.

FEDORA-2025-78dcffbaa1 Packages in this update:

• dotnet9.0-9.0.104-1.fc40

Update description:

This is the monthly update for .NET 9 for March 2025.

Release Notes:

• SDK: https://github.com/dotnet/core/blob/main/release-notes/9.0/9.0.3/9.0.104.md
• Runtime: https://github.com/dotnet/core/blob/main/release-notes/9.0/9.0.3/9.0.3.md

FEDORA-2025-2edd9dc83b Packages in this update:

• dotnet9.0-9.0.104-1.fc41

Update description:

This is the monthly update for .NET 9 for March 2025.

Release Notes:

• SDK: https://github.com/dotnet/core/blob/main/release-notes/9.0/9.0.3/9.0.104.md
• Runtime: https://github.com/dotnet/core/blob/main/release-notes/9.0/9.0.3/9.0.3.md

FEDORA-2025-a4aedd0b23 Packages in this update:

• dotnet9.0-9.0.104-1.fc42

Update description:

This is the monthly update for .NET 9 for March 2025.

Release Notes:

• SDK: https://github.com/dotnet/core/blob/main/release-notes/9.0/9.0.3/9.0.104.md
• Runtime: https://github.com/dotnet/core/blob/main/release-notes/9.0/9.0.3/9.0.3.md

FEDORA-2025-ae55d50be2 Packages in this update:

• OpenIPMI-2.0.36-1.fc41

Update description:

Update to 2.0.36 Fixes CVE-2024-42934

FEDORA-2025-6b9cbdbdff Packages in this update:

• chromium-134.0.6998.88-3.fc42

Update description:

Update to 134.0.6998.88

• High CVE-2025-1920: Type Confusion in V8
• High CVE-2025-2135: Type Confusion in V8
• Medium CVE-2025-2136: Use after free in Inspector
• Medium CVE-2025-2137: Out of bounds read in V8

FEDORA-2025-e50201543b Packages in this update:

• jupyterlab-4.3.6-1.fc41

Update description:

Update to 4.3.6 (rhbz#2352545)

FEDORA-2025-1d68ba6806 Packages in this update:

• jupyterlab-4.3.6-1.fc40

Update description:

Update to 4.3.6 (rhbz#2352545)

FEDORA-2025-83c147615e Packages in this update:

• dotnet8.0-8.0.114-1.fc40

Update description:

This is the monthly update for .NET for March 2025.

Release Notes:

• SDK https://github.com/dotnet/core/blob/main/release-notes/8.0/8.0.14/8.0.114.md
• Runtime: https://github.com/dotnet/core/blob/main/release-notes/8.0/8.0.14/8.0.14.md

FEDORA-2025-adbd75f500 Packages in this update:

• dotnet8.0-8.0.114-1.fc41

Update description:

This is the monthly update for .NET for March 2025.

Release Notes:

• SDK https://github.com/dotnet/core/blob/main/release-notes/8.0/8.0.14/8.0.114.md
• Runtime: https://github.com/dotnet/core/blob/main/release-notes/8.0/8.0.14/8.0.14.md