OpenSSH, Kernel, GnuTLS, libtasn, Python, microcode_ct updates for Fedora

Fedora Linux 8919 Published by

Fedora Linux has been updated with multiple securit yupdates, which include OpenSSH, the kernel, GnuTLS, libtasn, Python, and microcode_ctl:

Fedora 41 Update: openssh-9.9p1-3.fc41
Fedora 41 Update: kernel-6.12.15-200.fc41
Fedora 41 Update: gnutls-3.8.9-2.fc41
Fedora 41 Update: libtasn1-4.20.0-1.fc41
Fedora 41 Update: python3.11-3.11.11-5.fc41
Fedora 41 Update: python3.9-3.9.21-4.fc41
Fedora 41 Update: python3.10-3.10.16-5.fc41
Fedora 40 Update: kernel-6.12.15-100.fc40
Fedora 40 Update: microcode_ctl-2.1-61.6.fc40
Fedora 40 Update: python3.9-3.9.21-4.fc40




[SECURITY] Fedora 41 Update: openssh-9.9p1-3.fc41


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-18cb3f852d
2025-02-20 02:26:22.548385+00:00
--------------------------------------------------------------------------------

Name : openssh
Product : Fedora 41
Version : 9.9p1
Release : 3.fc41
URL : http://www.openssh.com/portable.html
Summary : An open source implementation of SSH protocol version 2
Description :
SSH (Secure SHell) is a program for logging into and executing
commands on a remote machine. SSH is intended to replace rlogin and
rsh, and to provide secure encrypted communications between two
untrusted hosts over an insecure network. X11 connections and
arbitrary TCP/IP ports can also be forwarded over the secure channel.

OpenSSH is OpenBSD's version of the last free version of SSH, bringing
it up to date in terms of security and features.

This package includes the core files necessary for both the OpenSSH
client and server. To make this package useful, you should also
install openssh-clients, openssh-server, or both.

--------------------------------------------------------------------------------
Update Information:

Fix regression of Match directive processing
--------------------------------------------------------------------------------
ChangeLog:

* Tue Feb 18 2025 Dmitry Belyavskiy [dbelyavs@redhat.com] - 9.9p1-3
- Fix regression of Match directive processing
- Fix missing error codes set and invalid error code checks in OpenSSH. It
prevents memory exhaustion attack and a MITM attack when VerifyHostKeyDNS
is on (CVE-2025-26465, CVE-2025-26466).
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-18cb3f852d' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 41 Update: kernel-6.12.15-200.fc41


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-cca2fcc70c
2025-02-20 02:26:22.548391+00:00
--------------------------------------------------------------------------------

Name : kernel
Product : Fedora 41
Version : 6.12.15
Release : 200.fc41
URL : https://www.kernel.org/
Summary : The Linux kernel
Description :
The kernel meta package

--------------------------------------------------------------------------------
Update Information:

The 6.12.15 stable kernel update contains a number of important fixes across the
tree.
The 6.12.14 stable kernel update contains a number of important fixes across the
tree.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Feb 18 2025 Augusto Caringi [acaringi@redhat.com] [6.12.15-0]
- Linux v6.12.15
* Mon Feb 17 2025 Augusto Caringi [acaringi@redhat.com] [6.12.14-0]
- redhat/configs: automotive: Set CONFIG_FSCACHE=y (Augusto Caringi)
- CONFIG_CPUFREQ_DT_PLATDEV is bool now (Justin M. Forbes)
- Add some bugs to BugsFixed for the 6.12.14 update (Justin M. Forbes)
- efi,lockdown: fix kernel lockdown on Secure Boot (Ondrej Mosnacek) {CVE-2025-1272}
- Linux v6.12.14
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2333706 - Kernel 6.12.6 kernel lockdown disabled
https://bugzilla.redhat.com/show_bug.cgi?id=2333706
[ 2 ] Bug #2345700 - CVE-2025-1272 kernel: Secure Boot does not automatically enable kernel lockdown [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2345700
[ 3 ] Bug #2345701 - CVE-2025-1272 kernel: Secure Boot does not automatically enable kernel lockdown [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2345701
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-cca2fcc70c' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 41 Update: gnutls-3.8.9-2.fc41


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-a62f1e771c
2025-02-20 02:26:22.548373+00:00
--------------------------------------------------------------------------------

Name : gnutls
Product : Fedora 41
Version : 3.8.9
Release : 2.fc41
URL : http://www.gnutls.org/
Summary : A TLS protocol implementation
Description :
GnuTLS is a secure communications library implementing the SSL, TLS and DTLS
protocols and technologies around them. It provides a simple C language
application programming interface (API) to access the secure communications
protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and
other required structures.

--------------------------------------------------------------------------------
Update Information:

Update gnutls to the latest upstream release, including a fix for
CVE-2024-12243.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Feb 18 2025 Daiki Ueno [dueno@redhat.com] - 3.8.9-2
- Switch from liboqs to leancrypto
* Tue Feb 18 2025 Daiki Ueno [dueno@redhat.com] - 3.8.9-1
- Update to gnutls 3.8.9 release
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2344617 - CVE-2024-12243 gnutls: GnuTLS Impacted by Inefficient DER Decoding in libtasn1 Leading to Remote DoS [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2344617
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-a62f1e771c' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 41 Update: libtasn1-4.20.0-1.fc41


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-9b659aa327
2025-02-20 02:26:22.548379+00:00
--------------------------------------------------------------------------------

Name : libtasn1
Product : Fedora 41
Version : 4.20.0
Release : 1.fc41
URL : http://www.gnu.org/software/libtasn1/
Summary : The ASN.1 library used in GNUTLS
Description :
A library that provides Abstract Syntax Notation One (ASN.1, as specified
by the X.680 ITU-T recommendation) parsing and structures management, and
Distinguished Encoding Rules (DER, as per X.690) encoding and decoding functions.

--------------------------------------------------------------------------------
Update Information:

Includes CVE fixes.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Feb 14 2025 Zoltan Fridrich [zfridric@redhat.com] - 4.20.0-1
- Update to 4.20.0 upstream release
* Thu Jul 25 2024 Miroslav Such?? [msuchy@redhat.com] - 4.19.0-10
- convert GPLv3+ license to SPDX
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2344196 - libtasn1-4.20.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2344196
[ 2 ] Bug #2344613 - CVE-2024-12133 libtasn1: Inefficient DER Decoding in libtasn1 Leading to Potential Remote DoS [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2344613
[ 3 ] Bug #2344614 - CVE-2024-12133 libtasn1: Inefficient DER Decoding in libtasn1 Leading to Potential Remote DoS [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2344614
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-9b659aa327' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------



[SECURITY] Fedora 41 Update: python3.11-3.11.11-5.fc41


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-81304012fc
2025-02-20 02:26:22.548296+00:00
--------------------------------------------------------------------------------

Name : python3.11
Product : Fedora 41
Version : 3.11.11
Release : 5.fc41
URL : https://www.python.org/
Summary : Version 3.11 of the Python interpreter
Description :
Python 3.11 is an accessible, high-level, dynamically typed, interpreted
programming language, designed with an emphasis on code readability.
It includes an extensive standard library, and has a vast ecosystem of
third-party libraries.

The python3.11 package provides the "python3.11" executable: the reference
interpreter for the Python language, version 3.
The majority of its standard library is provided in the python3.11-libs package,
which should be installed automatically along with python3.11.
The remaining parts of the Python standard library are broken out into the
python3.11-tkinter and python3.11-test packages, which may need to be installed
separately.

Documentation for Python is provided in the python3.11-docs package.

Packages containing additional libraries for Python are generally named with
the "python3.11-" prefix.

--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2025-0938
--------------------------------------------------------------------------------
ChangeLog:

* Mon Feb 10 2025 Charalampos Stratakis [cstratak@redhat.com] - 3.11.11-5
- Security fix for CVE-2025-0938
- Fixes: rhbz#2343272
* Thu Feb 6 2025 Miro Hron??ok [mhroncok@redhat.com] - 3.11.11-4
- Rebuilt with mpdecimal 4.0.0
* Sat Feb 1 2025 Bj??rn Esser [besser82@fedoraproject.org] - 3.11.11-3
- Add explicit BR: libxcrypt-devel
* Sat Jan 18 2025 Fedora Release Engineering [releng@fedoraproject.org] - 3.11.11-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2343272 - CVE-2025-0938 python3.11: URL parser allowed square brackets in domain names [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2343272
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-81304012fc' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------



[SECURITY] Fedora 41 Update: python3.9-3.9.21-4.fc41


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-be080d5ed4
2025-02-20 02:26:22.548281+00:00
--------------------------------------------------------------------------------

Name : python3.9
Product : Fedora 41
Version : 3.9.21
Release : 4.fc41
URL : https://www.python.org/
Summary : Version 3.9 of the Python interpreter
Description :
Python 3.9 package for developers.

This package exists to allow developers to test their code against an older
version of Python. This is not a full Python stack and if you wish to run
your applications with Python 3.9, see other distributions
that support it, such as CentOS or RHEL or older Fedora releases.

--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2025-0938
--------------------------------------------------------------------------------
ChangeLog:

* Mon Feb 10 2025 Charalampos Stratakis [cstratak@redhat.com] - 3.9.21-4
- Security fix for CVE-2025-0938
- Fixes: rhbz#2343278
* Sat Feb 1 2025 Bj??rn Esser [besser82@fedoraproject.org] - 3.9.21-3
- Add explicit BR: libxcrypt-devel
* Sat Jan 18 2025 Fedora Release Engineering [releng@fedoraproject.org] - 3.9.21-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2343278 - CVE-2025-0938 python3.9: URL parser allowed square brackets in domain names [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2343278
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-be080d5ed4' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------



[SECURITY] Fedora 41 Update: python3.10-3.10.16-5.fc41


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-fb4c448085
2025-02-20 02:26:22.548290+00:00
--------------------------------------------------------------------------------

Name : python3.10
Product : Fedora 41
Version : 3.10.16
Release : 5.fc41
URL : https://www.python.org/
Summary : Version 3.10 of the Python interpreter
Description :
Python 3.10 is an accessible, high-level, dynamically typed, interpreted
programming language, designed with an emphasis on code readability.
It includes an extensive standard library, and has a vast ecosystem of
third-party libraries.

The python3.10 package provides the "python3.10" executable: the reference
interpreter for the Python language, version 3.
The majority of its standard library is provided in the python3.10-libs package,
which should be installed automatically along with python3.10.
The remaining parts of the Python standard library are broken out into the
python3.10-tkinter and python3.10-test packages, which may need to be installed
separately.

Documentation for Python is provided in the python3.10-docs package.

Packages containing additional libraries for Python are generally named with
the "python3.10-" prefix.

--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2025-0938
--------------------------------------------------------------------------------
ChangeLog:

* Mon Feb 10 2025 Charalampos Stratakis [cstratak@redhat.com] - 3.10.16-5
- Security fix for CVE-2025-0938
- Fixes: rhbz#2343276
* Thu Feb 6 2025 Miro Hron??ok [mhroncok@redhat.com] - 3.10.16-4
- Rebuilt with mpdecimal 4.0.0
* Sat Feb 1 2025 Bj??rn Esser [besser82@fedoraproject.org] - 3.10.16-3
- Add explicit BR: libxcrypt-devel
* Sat Jan 18 2025 Fedora Release Engineering [releng@fedoraproject.org] - 3.10.16-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2343276 - CVE-2025-0938 python3.10: URL parser allowed square brackets in domain names [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2343276
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-fb4c448085' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------



[SECURITY] Fedora 40 Update: kernel-6.12.15-100.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-b268fceaec
2025-02-20 02:26:20.996716+00:00
--------------------------------------------------------------------------------

Name : kernel
Product : Fedora 40
Version : 6.12.15
Release : 100.fc40
URL : https://www.kernel.org/
Summary : The Linux kernel
Description :
The kernel meta package

--------------------------------------------------------------------------------
Update Information:

The 6.12.15 stable kernel update contains a number of important fixes across the
tree.
The 6.12.14 stable kernel update contains a number of important fixes across the
tree.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Feb 18 2025 Augusto Caringi [acaringi@redhat.com] [6.12.15-100]
- Turn off libbpf dynamic for perf (Justin M. Forbes)
* Tue Feb 18 2025 Augusto Caringi [acaringi@redhat.com] [6.12.15-0]
- Linux v6.12.15
* Mon Feb 17 2025 Augusto Caringi [acaringi@redhat.com] [6.12.14-0]
- redhat/configs: automotive: Set CONFIG_FSCACHE=y (Augusto Caringi)
- CONFIG_CPUFREQ_DT_PLATDEV is bool now (Justin M. Forbes)
- Add some bugs to BugsFixed for the 6.12.14 update (Justin M. Forbes)
- efi,lockdown: fix kernel lockdown on Secure Boot (Ondrej Mosnacek) {CVE-2025-1272}
- Linux v6.12.14
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2333706 - Kernel 6.12.6 kernel lockdown disabled
https://bugzilla.redhat.com/show_bug.cgi?id=2333706
[ 2 ] Bug #2345700 - CVE-2025-1272 kernel: Secure Boot does not automatically enable kernel lockdown [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2345700
[ 3 ] Bug #2345701 - CVE-2025-1272 kernel: Secure Boot does not automatically enable kernel lockdown [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2345701
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-b268fceaec' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 40 Update: microcode_ctl-2.1-61.6.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-dd577cf35f
2025-02-20 02:26:20.996711+00:00
--------------------------------------------------------------------------------

Name : microcode_ctl
Product : Fedora 40
Version : 2.1
Release : 61.6.fc40
URL : https://pagure.io/microcode_ctl
Summary : Tool to transform and deploy CPU microcode update for x86
Description :
The microcode_ctl utility is a companion to the microcode driver written
by Tigran Aivazian [tigran@aivazian.fsnet.co.uk].

The microcode update is volatile and needs to be uploaded on each system
boot i.e. it doesn't reflash your cpu permanently, reboot and it reverts
back to the old microcode.

--------------------------------------------------------------------------------
Update Information:

Update to upstream 2.1-48. 20250211
Addition of 06-bf-06/0x07 microcode (in intel-ucode/06-97-02) at revision 0x38;
Addition of 06-bf-07/0x07 microcode (in intel-ucode/06-97-02) at revision 0x38;
Addition of 06-bf-06/0x07 microcode (in intel-ucode/06-97-05) at revision 0x38;
Addition of 06-bf-07/0x07 microcode (in intel-ucode/06-97-05) at revision 0x38;
Addition of 06-af-03/0x01 (SRF-SP C0) microcode at revision 0x3000330;
Addition of 06-b7-04/0x32 microcode (in intel-ucode/06-b7-01) at revision 0x12c;
Addition of 06-bf-06/0x07 microcode (in intel-ucode/06-bf-02) at revision 0x38;
Addition of 06-bf-07/0x07 microcode (in intel-ucode/06-bf-02) at revision 0x38;
Addition of 06-bf-06/0x07 microcode (in intel-ucode/06-bf-05) at revision 0x38;
Addition of 06-bf-07/0x07 microcode (in intel-ucode/06-bf-05) at revision 0x38;
Removal of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in intel-ucode/06-8f-05) at
revision 0x2b000603;
Removal of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-05) at revision
0x2c000390;
Removal of 06-8f-05/0x87 (SPR-SP E2) microcode at revision 0x2b000603;
Removal of 06-8f-05/0x10 (SPR-HBM B1) microcode at revision 0x2c000390;
Removal of 06-8f-06/0x87 (SPR-SP E3) microcode (in intel-ucode/06-8f-05) at
revision 0x2b000603;
Removal of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-05) at revision
0x2c000390;
Removal of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in intel-ucode/06-8f-05) at
revision 0x2b000603;
Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in intel-ucode/06-8f-05) at
revision 0x2b000603;
Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in intel-ucode/06-8f-05) at
revision 0x2c000390;
Removal of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in intel-ucode/06-8f-06) at
revision 0x2b000603;
Removal of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-06) at revision
0x2c000390;
Removal of 06-8f-05/0x87 (SPR-SP E2) microcode (in intel-ucode/06-8f-06) at
revision 0x2b000603;
Removal of 06-8f-05/0x10 (SPR-HBM B1) microcode (in intel-ucode/06-8f-06) at
revision 0x2c000390;
Removal of 06-8f-06/0x87 (SPR-SP E3) microcode at revision 0x2b000603;
Removal of 06-8f-06/0x10 microcode at revision 0x2c000390;
Removal of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in intel-ucode/06-8f-06) at
revision 0x2b000603;
Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in intel-ucode/06-8f-06) at
revision 0x2b000603;
Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in intel-ucode/06-8f-06) at
revision 0x2c000390;
Removal of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in intel-
ucode/06-ba-08) at revision 0x4123;
Removal of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in intel-ucode/06-ba-08) at
revision 0x4123;
Removal of 06-ba-08/0xe0 microcode at revision 0x4123;
Update of 06-6a-06/0x87 (ICX-SP D0) microcode from revision 0xd0003e7 up to
0xd0003f5;
Update of 06-6c-01/0x10 (ICL-D B0) microcode from revision 0x10002b0 up to
0x10002c0;
Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in intel-ucode/06-8f-07) from
revision 0x2b000603 up to 0x2b000620;
Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in intel-ucode/06-8f-07) from
revision 0x2b000603 up to 0x2b000620;
Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in intel-ucode/06-8f-07) from
revision 0x2b000603 up to 0x2b000620;
Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode from revision 0x2b000603 up to
0x2b000620;
Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in intel-ucode/06-8f-07) from
revision 0x2b000603 up to 0x2b000620;
Update of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-08) from revision
0x2c000390 up to 0x2c0003e0;
Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in intel-ucode/06-8f-08) from
revision 0x2b000603 up to 0x2b000620;
Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in intel-ucode/06-8f-08) from
revision 0x2c000390 up to 0x2c0003e0;
Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in intel-ucode/06-8f-08) from
revision 0x2b000603 up to 0x2b000620;
Update of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-08) from revision
0x2c000390 up to 0x2c0003e0;
Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in intel-ucode/06-8f-08) from
revision 0x2b000603 up to 0x2b000620;
Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in intel-ucode/06-8f-08) from
revision 0x2b000603 up to 0x2b000620;
Update of 06-8f-08/0x10 (SPR-HBM B3) microcode from revision 0x2c000390 up to
0x2c0003e0;
Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode from revision 0x2b000603 up to
0x2b000620;
Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode from revision 0x37 up to
0x38;
Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in intel-ucode/06-97-02) from
revision 0x37 up to 0x38;
Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-02) from
revision 0x37 up to 0x38;
Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-02) from
revision 0x37 up to 0x38;
Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in intel-ucode/06-97-05)
from revision 0x37 up to 0x38;
Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode from revision 0x37 up to 0x38;
Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-05) from
revision 0x37 up to 0x38;
Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-05) from
revision 0x37 up to 0x38;
Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode from revision 0x435 up
to 0x436;
Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in intel-ucode/06-9a-03) from
revision 0x435 up to 0x436;
Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in intel-
ucode/06-9a-04) from revision 0x435 up to 0x436;
Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode from revision 0x435 up to
0x436;
Update of 06-9a-04/0x40 (AZB A0) microcode from revision 0x7 up to 0x9;
Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode from revision 0xf8 up to
0xfa;
Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode from revision 0x100 up to
0x102;
Update of 06-a7-01/0x02 (RKL-S B0) microcode from revision 0x62 up to 0x63;
Update of 06-b7-01/0x32 (RPL-S B0) microcode from revision 0x12b up to 0x12c;
Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode from revision 0x4123 up
to 0x4124;
Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in intel-ucode/06-ba-02) from
revision 0x4123 up to 0x4124;
Update of 06-ba-08/0xe0 microcode (in intel-ucode/06-ba-02) from revision 0x4123
up to 0x4124;
Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in intel-ucode/06-ba-03)
from revision 0x4123 up to 0x4124;
Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode from revision 0x4123 up to
0x4124;
Update of 06-ba-08/0xe0 microcode (in intel-ucode/06-ba-03) from revision 0x4123
up to 0x4124;
Update of 06-be-00/0x19 (ADL-N A0) microcode from revision 0x1a up to 0x1c;
Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in intel-ucode/06-bf-02)
from revision 0x37 up to 0x38;
Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in intel-ucode/06-bf-02) from
revision 0x37 up to 0x38;
Update of 06-bf-02/0x07 (ADL C0) microcode from revision 0x37 up to 0x38;
Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-bf-02) from
revision 0x37 up to 0x38;
Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in intel-ucode/06-bf-05)
from revision 0x37 up to 0x38;
Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in intel-ucode/06-bf-05) from
revision 0x37 up to 0x38;
Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-bf-05) from
revision 0x37 up to 0x38;
Update of 06-bf-05/0x07 (ADL C0) microcode from revision 0x37 up to 0x38;
Update of 06-cf-01/0x87 (EMR-SP A0) microcode from revision 0x21000283 up to
0x21000291;
Update of 06-cf-02/0x87 (EMR-SP A1) microcode (in intel-ucode/06-cf-01) from
revision 0x21000283 up to 0x21000291;
Update of 06-cf-01/0x87 (EMR-SP A0) microcode (in intel-ucode/06-cf-02) from
revision 0x21000283 up to 0x21000291;
Update of 06-cf-02/0x87 (EMR-SP A1) microcode from revision 0x21000283 up to
0x21000291.
Addresses CVE-2023-34440, CVE-2023-43758, CVE-2024-24582, CVE-2024-28047,
CVE-2024-28127, CVE-2024-29214, CVE-2024-31068, CVE-2024-31157, CVE-2024-37020,
CVE-2024-39279, CVE-2024-39355, CVE-2024-36293.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 12 2025 Eugene Syromiatnikov [esyr@redhat.com] 2:2.1-61.6
- Update to upstream 2.1-48. 20250211
- Addition of 06-bf-06/0x07 microcode (in intel-ucode/06-97-02) at
revision 0x38;
- Addition of 06-bf-07/0x07 microcode (in intel-ucode/06-97-02) at
revision 0x38;
- Addition of 06-bf-06/0x07 microcode (in intel-ucode/06-97-05) at
revision 0x38;
- Addition of 06-bf-07/0x07 microcode (in intel-ucode/06-97-05) at
revision 0x38;
- Addition of 06-af-03/0x01 (SRF-SP C0) microcode at revision 0x3000330;
- Addition of 06-b7-04/0x32 microcode (in intel-ucode/06-b7-01) at
revision 0x12c;
- Addition of 06-bf-06/0x07 microcode (in intel-ucode/06-bf-02) at
revision 0x38;
- Addition of 06-bf-07/0x07 microcode (in intel-ucode/06-bf-02) at
revision 0x38;
- Addition of 06-bf-06/0x07 microcode (in intel-ucode/06-bf-05) at
revision 0x38;
- Addition of 06-bf-07/0x07 microcode (in intel-ucode/06-bf-05) at
revision 0x38;
- Removal of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-05) at revision 0x2b000603;
- Removal of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-05) at
revision 0x2c000390;
- Removal of 06-8f-05/0x87 (SPR-SP E2) microcode at revision 0x2b000603;
- Removal of 06-8f-05/0x10 (SPR-HBM B1) microcode at revision
0x2c000390;
- Removal of 06-8f-06/0x87 (SPR-SP E3) microcode (in
intel-ucode/06-8f-05) at revision 0x2b000603;
- Removal of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-05) at
revision 0x2c000390;
- Removal of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in
intel-ucode/06-8f-05) at revision 0x2b000603;
- Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in
intel-ucode/06-8f-05) at revision 0x2b000603;
- Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in
intel-ucode/06-8f-05) at revision 0x2c000390;
- Removal of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-06) at revision 0x2b000603;
- Removal of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-06) at
revision 0x2c000390;
- Removal of 06-8f-05/0x87 (SPR-SP E2) microcode (in
intel-ucode/06-8f-06) at revision 0x2b000603;
- Removal of 06-8f-05/0x10 (SPR-HBM B1) microcode (in
intel-ucode/06-8f-06) at revision 0x2c000390;
- Removal of 06-8f-06/0x87 (SPR-SP E3) microcode at revision 0x2b000603;
- Removal of 06-8f-06/0x10 microcode at revision 0x2c000390;
- Removal of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in
intel-ucode/06-8f-06) at revision 0x2b000603;
- Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in
intel-ucode/06-8f-06) at revision 0x2b000603;
- Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in
intel-ucode/06-8f-06) at revision 0x2c000390;
- Removal of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in
intel-ucode/06-ba-08) at revision 0x4123;
- Removal of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in
intel-ucode/06-ba-08) at revision 0x4123;
- Removal of 06-ba-08/0xe0 microcode at revision 0x4123;
- Update of 06-6a-06/0x87 (ICX-SP D0) microcode from revision 0xd0003e7
up to 0xd0003f5;
- Update of 06-6c-01/0x10 (ICL-D B0) microcode from revision 0x10002b0
up to 0x10002c0;
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-07) from revision 0x2b000603 up to 0x2b000620;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in
intel-ucode/06-8f-07) from revision 0x2b000603 up to 0x2b000620;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in
intel-ucode/06-8f-07) from revision 0x2b000603 up to 0x2b000620;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode from revision
0x2b000603 up to 0x2b000620;
- Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in
intel-ucode/06-8f-07) from revision 0x2b000603 up to 0x2b000620;
- Update of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-08) from
revision 0x2c000390 up to 0x2c0003e0;
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-08) from revision 0x2b000603 up to 0x2b000620;
- Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in
intel-ucode/06-8f-08) from revision 0x2c000390 up to 0x2c0003e0;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in
intel-ucode/06-8f-08) from revision 0x2b000603 up to 0x2b000620;
- Update of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-08) from
revision 0x2c000390 up to 0x2c0003e0;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in
intel-ucode/06-8f-08) from revision 0x2b000603 up to 0x2b000620;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in
intel-ucode/06-8f-08) from revision 0x2b000603 up to 0x2b000620;
- Update of 06-8f-08/0x10 (SPR-HBM B3) microcode from revision
0x2c000390 up to 0x2c0003e0;
- Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode from revision
0x2b000603 up to 0x2b000620;
- Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode from revision
0x37 up to 0x38;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-97-02) from revision 0x37 up to 0x38;
- Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-02)
from revision 0x37 up to 0x38;
- Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-02)
from revision 0x37 up to 0x38;
- Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in
intel-ucode/06-97-05) from revision 0x37 up to 0x38;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode from revision 0x37
up to 0x38;
- Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-05)
from revision 0x37 up to 0x38;
- Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-05)
from revision 0x37 up to 0x38;
- Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode from revision
0x435 up to 0x436;
- Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in
intel-ucode/06-9a-03) from revision 0x435 up to 0x436;
- Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in
intel-ucode/06-9a-04) from revision 0x435 up to 0x436;
- Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode from revision 0x435
up to 0x436;
- Update of 06-9a-04/0x40 (AZB A0) microcode from revision 0x7 up
to 0x9;
- Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode from revision
0xf8 up to 0xfa;
- Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode from revision
0x100 up to 0x102;
- Update of 06-a7-01/0x02 (RKL-S B0) microcode from revision 0x62 up
to 0x63;
- Update of 06-b7-01/0x32 (RPL-S B0) microcode from revision 0x12b up
to 0x12c;
- Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode from revision
0x4123 up to 0x4124;
- Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in
intel-ucode/06-ba-02) from revision 0x4123 up to 0x4124;
- Update of 06-ba-08/0xe0 microcode (in intel-ucode/06-ba-02) from
revision 0x4123 up to 0x4124;
- Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in
intel-ucode/06-ba-03) from revision 0x4123 up to 0x4124;
- Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode from revision 0x4123
up to 0x4124;
- Update of 06-ba-08/0xe0 microcode (in intel-ucode/06-ba-03) from
revision 0x4123 up to 0x4124;
- Update of 06-be-00/0x19 (ADL-N A0) microcode from revision 0x1a up
to 0x1c;
- Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in
intel-ucode/06-bf-02) from revision 0x37 up to 0x38;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-bf-02) from revision 0x37 up to 0x38;
- Update of 06-bf-02/0x07 (ADL C0) microcode from revision 0x37 up
to 0x38;
- Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-bf-02)
from revision 0x37 up to 0x38;
- Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in
intel-ucode/06-bf-05) from revision 0x37 up to 0x38;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-bf-05) from revision 0x37 up to 0x38;
- Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-bf-05)
from revision 0x37 up to 0x38;
- Update of 06-bf-05/0x07 (ADL C0) microcode from revision 0x37 up
to 0x38;
- Update of 06-cf-01/0x87 (EMR-SP A0) microcode from revision 0x21000283
up to 0x21000291;
- Update of 06-cf-02/0x87 (EMR-SP A1) microcode (in
intel-ucode/06-cf-01) from revision 0x21000283 up to 0x21000291;
- Update of 06-cf-01/0x87 (EMR-SP A0) microcode (in
intel-ucode/06-cf-02) from revision 0x21000283 up to 0x21000291;
- Update of 06-cf-02/0x87 (EMR-SP A1) microcode from revision 0x21000283
up to 0x21000291.
- Addresses CVE-2023-34440, CVE-2023-43758, CVE-2024-24582, CVE-2024-28047,
CVE-2024-28127, CVE-2024-29214, CVE-2024-31068, CVE-2024-31157,
CVE-2024-37020, CVE-2024-39279, CVE-2024-39355, CVE-2024-36293
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-dd577cf35f' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 40 Update: python3.9-3.9.21-4.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-66c560fa22
2025-02-20 02:26:20.996700+00:00
--------------------------------------------------------------------------------

Name : python3.9
Product : Fedora 40
Version : 3.9.21
Release : 4.fc40
URL : https://www.python.org/
Summary : Version 3.9 of the Python interpreter
Description :
Python 3.9 package for developers.

This package exists to allow developers to test their code against an older
version of Python. This is not a full Python stack and if you wish to run
your applications with Python 3.9, see other distributions
that support it, such as CentOS or RHEL or older Fedora releases.

--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2025-0938
--------------------------------------------------------------------------------
ChangeLog:

* Mon Feb 10 2025 Charalampos Stratakis [cstratak@redhat.com] - 3.9.21-4
- Security fix for CVE-2025-0938
- Fixes: rhbz#2343278
* Sat Feb 1 2025 Bj??rn Esser [besser82@fedoraproject.org] - 3.9.21-3
- Add explicit BR: libxcrypt-devel
* Sat Jan 18 2025 Fedora Release Engineering [releng@fedoraproject.org] - 3.9.21-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2343278 - CVE-2025-0938 python3.9: URL parser allowed square brackets in domain names [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2343278
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-66c560fa22' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Mesa 25.0.0 released

Bind, Mysql, OpenShift, Kpatch-patch updates for RHEL

Windows

Linux

macOS

Community

  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...
  • Philipp
    I would try the XanMod kernel: https://xanmod.org  I ...