Fedora 42 Update: dokuwiki-20240206b-1.fc42
Fedora 42 Update: php-phpseclib3-3.0.43-1.fc42
Fedora 42 Update: php-kissifrot-php-ixr-1.8.4-1.fc42
Fedora 42 Update: rust-zincati-0.0.30-1.fc42
Fedora 40 Update: rust-zincati-0.0.30-1.fc40
Fedora 41 Update: firefox-137.0-2.fc41
Fedora 41 Update: rust-zincati-0.0.30-1.fc41
[SECURITY] Fedora 42 Update: dokuwiki-20240206b-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-12f2e3e40b
2025-04-01 16:07:49.264368+00:00
--------------------------------------------------------------------------------
Name : dokuwiki
Product : Fedora 42
Version : 20240206b
Release : 1.fc42
URL : https://www.dokuwiki.org/dokuwiki
Summary : Standards compliant simple to use wiki
Description :
DokuWiki is a standards compliant, simple to use Wiki, mainly aimed at creating
documentation of any kind. It has a simple but powerful syntax which makes sure
the data-files remain readable outside the Wiki and eases the creation of
structured texts.
All data is stored in plain text files no database is required.
--------------------------------------------------------------------------------
Update Information:
Update DokuWiki to release 2024-02-06b "Kaos", update dependencies accordingly
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 24 2025 Artur Frenszek-Iwicki [fedora@svgames.pl] - 20240206b-1
- Update to version 2024-02-06b "Kaos"
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2305362 - CVE-2024-42758 dokuwiki: Cross Site Scripting when creating or editing an existing page [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2305362
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-12f2e3e40b' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: php-phpseclib3-3.0.43-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-12f2e3e40b
2025-04-01 16:07:49.264368+00:00
--------------------------------------------------------------------------------
Name : php-phpseclib3
Product : Fedora 42
Version : 3.0.43
Release : 1.fc42
URL : https://github.com/phpseclib/phpseclib
Summary : PHP Secure Communications Library
Description :
MIT-licensed pure-PHP implementations of an arbitrary-precision integer
arithmetic library, fully PKCS#1 (v2.1) compliant RSA, DES, 3DES, RC4,
Rijndael, AES, Blowfish, Twofish, SSH-1, SSH-2, SFTP, and X.509
--------------------------------------------------------------------------------
Update Information:
Update DokuWiki to release 2024-02-06b "Kaos", update dependencies accordingly
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 20 2025 Artur Frenszek-Iwicki [fedora@svgames.pl] - 3.0.43-1
- Update to v3.0.43
* Thu Jan 30 2025 Artur Frenszek-Iwicki [fedora@svgames.pl] - 2.0.48-1
- Update to v2.0.48
* Sat Jan 18 2025 Fedora Release Engineering [releng@fedoraproject.org] - 2.0.44-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
* Fri Jul 19 2024 Fedora Release Engineering [releng@fedoraproject.org] - 2.0.44-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Thu Jan 25 2024 Fedora Release Engineering [releng@fedoraproject.org] - 2.0.44-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Sun Jan 21 2024 Fedora Release Engineering [releng@fedoraproject.org] - 2.0.44-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Fri Jul 21 2023 Fedora Release Engineering [releng@fedoraproject.org] - 2.0.44-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Tue Jun 13 2023 Remi Collet [remi@remirepo.net] - 2.0.44-1
- update to 2.0.44
* Tue Jun 13 2023 Remi Collet [remi@remirepo.net] - 2.0.43-1
- update to 2.0.43
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2305362 - CVE-2024-42758 dokuwiki: Cross Site Scripting when creating or editing an existing page [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2305362
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-12f2e3e40b' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: php-kissifrot-php-ixr-1.8.4-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-12f2e3e40b
2025-04-01 16:07:49.264368+00:00
--------------------------------------------------------------------------------
Name : php-kissifrot-php-ixr
Product : Fedora 42
Version : 1.8.4
Release : 1.fc42
URL : https://github.com/kissifrot/php-ixr
Summary : XML-RPC library for PHP
Description :
PHP-IXR is an XML-RPC library designed primarily for ease of use.
It incorporates both client and server classes, and is designed to hide
as much of the workings of XML-RPC from the user as possible. A key feature
of the library is automatic type conversion from PHP types to XML-RPC types
and vice versa. This should enable developers to write web services
with very little knowledge of the underlying XML-RPC standard.
However, don't be fooled by it's simple surface. The library includes
a wide variety of additional XML-RPC specifications and has
all of the features required for serious web service implementations.
Autoloader: /usr/share/php/kissifrot/IXR/autoload.php
--------------------------------------------------------------------------------
Update Information:
Update DokuWiki to release 2024-02-06b "Kaos", update dependencies accordingly
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 24 2025 Artur Frenszek-Iwicki [fedora@svgames.pl] - 1.8.4-1
- Update to v1.8.4
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2305362 - CVE-2024-42758 dokuwiki: Cross Site Scripting when creating or editing an existing page [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2305362
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-12f2e3e40b' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: rust-zincati-0.0.30-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-19fabb2ca6
2025-04-01 16:07:49.264188+00:00
--------------------------------------------------------------------------------
Name : rust-zincati
Product : Fedora 42
Version : 0.0.30
Release : 1.fc42
URL : https://crates.io/crates/zincati
Summary : Update agent for Fedora CoreOS
Description :
Update agent for Fedora CoreOS.
--------------------------------------------------------------------------------
Update Information:
New upstream release v0.0.30 see:
https://github.com/coreos/zincati/releases/tag/v0.0.30
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 17 2025 Steven Presti [spresti@redhat.com] - 0.0.30-1
- update to 0.0.30
* Mon Mar 17 2025 Dusty Mabe [dusty@dustymabe.com] - 0.0.29-2
- Backport polkit rules patch for CVE-2025-27512
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2352973 - CVE-2025-27512 rust-zincati: Zincati allows unprivileged access to rpm-ostree D-Bus `Deploy()` and `FinalizeDeployment()` methods [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2352973
[ 2 ] Bug #2352974 - CVE-2025-27512 rust-zincati: Zincati allows unprivileged access to rpm-ostree D-Bus `Deploy()` and `FinalizeDeployment()` methods [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2352974
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-19fabb2ca6' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 40 Update: rust-zincati-0.0.30-1.fc40
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-43bcbb0795
2025-04-02 02:13:27.727464+00:00
--------------------------------------------------------------------------------
Name : rust-zincati
Product : Fedora 40
Version : 0.0.30
Release : 1.fc40
URL : https://crates.io/crates/zincati
Summary : Update agent for Fedora CoreOS
Description :
Update agent for Fedora CoreOS.
--------------------------------------------------------------------------------
Update Information:
New upstream release v0.0.30 see:
https://github.com/coreos/zincati/releases/tag/v0.0.30
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 17 2025 Steven Presti [spresti@redhat.com] - 0.0.30-1
- update to 0.0.30
* Mon Mar 17 2025 Dusty Mabe [dusty@dustymabe.com] - 0.0.29-2
- Backport polkit rules patch for CVE-2025-27512
* Fri Jan 24 2025 Huijing Hei [hhei@redhat.com] - 0.0.29-1
- Update to 0.0.29
* Sun Jan 19 2025 Fedora Release Engineering [releng@fedoraproject.org] - 0.0.27-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
* Sat Jul 20 2024 Fedora Release Engineering [releng@fedoraproject.org] - 0.0.27-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2352973 - CVE-2025-27512 rust-zincati: Zincati allows unprivileged access to rpm-ostree D-Bus `Deploy()` and `FinalizeDeployment()` methods [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2352973
[ 2 ] Bug #2352974 - CVE-2025-27512 rust-zincati: Zincati allows unprivileged access to rpm-ostree D-Bus `Deploy()` and `FinalizeDeployment()` methods [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2352974
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-43bcbb0795' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 41 Update: firefox-137.0-2.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-96c31e2086
2025-04-02 01:54:44.155222+00:00
--------------------------------------------------------------------------------
Name : firefox
Product : Fedora 41
Version : 137.0
Release : 2.fc41
URL : https://www.mozilla.org/firefox/
Summary : Mozilla Firefox Web browser
Description :
Mozilla Firefox is an open-source web browser, designed for standards
compliance, performance and portability.
--------------------------------------------------------------------------------
Update Information:
Updated to latest upstream (137.0)
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 31 2025 Martin Stransky [stransky@redhat.com] - 137.0-2
- Update 137.0 build 2
* Wed Mar 26 2025 Martin Stransky [stransky@redhat.com] - 137.0-1
- Update to latest upstream (137.0)
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-96c31e2086' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 41 Update: rust-zincati-0.0.30-1.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-cc269f80fa
2025-04-02 01:54:44.155030+00:00
--------------------------------------------------------------------------------
Name : rust-zincati
Product : Fedora 41
Version : 0.0.30
Release : 1.fc41
URL : https://crates.io/crates/zincati
Summary : Update agent for Fedora CoreOS
Description :
Update agent for Fedora CoreOS.
--------------------------------------------------------------------------------
Update Information:
New upstream release v0.0.30 see:
https://github.com/coreos/zincati/releases/tag/v0.0.30
Backport polkit rules patch for CVE-2025-27512
https://github.com/coreos/zincati/security/advisories/GHSA-w6fv-6gcc-x825
https://www.cve.org/CVERecord?id=CVE-2025-27512
https://github.com/coreos/zincati/commit/920ac90204830e43fd597f3dcbacf0d772b50a8
1
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 17 2025 Steven Presti [spresti@redhat.com] - 0.0.30-1
- update to 0.0.30
* Mon Mar 17 2025 Dusty Mabe [dusty@dustymabe.com] - 0.0.29-2
- Backport polkit rules patch for CVE-2025-27512
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2352973 - CVE-2025-27512 rust-zincati: Zincati allows unprivileged access to rpm-ostree D-Bus `Deploy()` and `FinalizeDeployment()` methods [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2352973
[ 2 ] Bug #2352974 - CVE-2025-27512 rust-zincati: Zincati allows unprivileged access to rpm-ostree D-Bus `Deploy()` and `FinalizeDeployment()` methods [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2352974
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-cc269f80fa' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
