Fedora Linux 8891 Published by

Fedora Linux has received several security updates, including python3.14-3.14.0~a4-2.fc41, python3.11-3.11.11-5.fc40, python3.10-3.10.16-5.fc40, s390utils-2.33.1-4.fc40, rust-snphost-0.5.0-3.fc40, chromium-133.0.6943.53-1.fc40, rust-sevctl-0.6.0-4.fc40, rustup-1.27.1-6.fc40, and rust-openssl-0.10.70-1:

Fedora 41 Update: python3.14-3.14.0~a4-2.fc41
Fedora 40 Update: python3.11-3.11.11-5.fc40
Fedora 40 Update: python3.10-3.10.16-5.fc40
Fedora 40 Update: s390utils-2.33.1-4.fc40
Fedora 40 Update: rust-snphost-0.5.0-3.fc40
Fedora 40 Update: chromium-133.0.6943.53-1.fc40
Fedora 40 Update: rust-sevctl-0.6.0-4.fc40
Fedora 40 Update: rustup-1.27.1-6.fc40
Fedora 40 Update: rust-openssl-0.10.70-1.fc40
Fedora 40 Update: rust-rpm-sequoia-1.7.0-5.fc40
Fedora 40 Update: rust-tealdeer-1.7.1-3.fc40
Fedora 40 Update: rust-sequoia-octopus-librnp-1.10.0-6.fc40
Fedora 40 Update: rust-sequoia-sqv-1.2.1-6.fc40
Fedora 40 Update: rust-pore-0.1.17-5.fc40
Fedora 40 Update: rust-sequoia-policy-config-0.7.0-3.fc40
Fedora 40 Update: rust-eif_build-0.2.1-3.fc40
Fedora 40 Update: rust-sequoia-keyring-linter-1.0.1-10.fc40
Fedora 40 Update: libkrun-1.10.1-2.fc40
Fedora 40 Update: rust-openssl-sys-0.9.105-1.fc40
Fedora 40 Update: keylime-agent-rust-0.2.7-4.fc40
Fedora 40 Update: rust-gst-plugin-reqwest-0.13.3-3.fc40
Fedora 40 Update: gotify-desktop-1.3.7-4.fc40
Fedora 40 Update: rust-nu-0.99.1-7.fc40
Fedora 40 Update: fido-device-onboard-0.5.0-2.fc40
Fedora 40 Update: rust-coreos-installer-0.23.0-2.fc40
Fedora 40 Update: rust-cargo-vendor-filterer-0.5.17-2.fc40
Fedora 40 Update: keyring-ima-signer-0.1.0-17.fc40
Fedora 40 Update: rust-afterburn-5.7.0-3.fc40
Fedora 40 Update: envision-2.0.0-4.20241209git2.0.0.fc40
Fedora 40 Update: clevis-pin-tpm2-0.5.3-9.fc40
Fedora 40 Update: python3.14-3.14.0~a4-2.fc40




[SECURITY] Fedora 41 Update: python3.14-3.14.0~a4-2.fc41


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-36baebad86
2025-02-13 02:20:47.624827+00:00
--------------------------------------------------------------------------------

Name : python3.14
Product : Fedora 41
Version : 3.14.0~a4
Release : 2.fc41
URL : https://www.python.org/
Summary : Version 3.14 of the Python interpreter
Description :
Python 3.14 is an accessible, high-level, dynamically typed, interpreted
programming language, designed with an emphasis on code readability.
It includes an extensive standard library, and has a vast ecosystem of
third-party libraries.

The python3.14 package provides the "python3.14" executable: the reference
interpreter for the Python language, version 3.
The majority of its standard library is provided in the python3.14-libs package,
which should be installed automatically along with python3.14.
The remaining parts of the Python standard library are broken out into the
python3.14-tkinter and python3.14-test packages, which may need to be installed
separately.

Documentation for Python is provided in the python3.14-docs package.

Packages containing additional libraries for Python are generally named with
the "python3.14-" prefix.

--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2025-0938
--------------------------------------------------------------------------------
ChangeLog:

* Tue Feb 4 2025 Charalampos Stratakis [cstratak@redhat.com] - 3.14.0~a4-2
- Security fix for CVE-2025-0938
- Fixes: rhbz#2343273
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2343273 - CVE-2025-0938 python3.14: URL parser allowed square brackets in domain names [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2343273
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-36baebad86' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 40 Update: python3.11-3.11.11-5.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-f613fe78b6
2025-02-13 02:00:53.381637+00:00
--------------------------------------------------------------------------------

Name : python3.11
Product : Fedora 40
Version : 3.11.11
Release : 5.fc40
URL : https://www.python.org/
Summary : Version 3.11 of the Python interpreter
Description :
Python 3.11 is an accessible, high-level, dynamically typed, interpreted
programming language, designed with an emphasis on code readability.
It includes an extensive standard library, and has a vast ecosystem of
third-party libraries.

The python3.11 package provides the "python3.11" executable: the reference
interpreter for the Python language, version 3.
The majority of its standard library is provided in the python3.11-libs package,
which should be installed automatically along with python3.11.
The remaining parts of the Python standard library are broken out into the
python3.11-tkinter and python3.11-test packages, which may need to be installed
separately.

Documentation for Python is provided in the python3.11-docs package.

Packages containing additional libraries for Python are generally named with
the "python3.11-" prefix.

--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2025-0938
--------------------------------------------------------------------------------
ChangeLog:

* Mon Feb 10 2025 Charalampos Stratakis [cstratak@redhat.com] - 3.11.11-5
- Security fix for CVE-2025-0938
- Fixes: rhbz#2343272
* Thu Feb 6 2025 Miro HronÄok [mhroncok@redhat.com] - 3.11.11-4
- Rebuilt with mpdecimal 4.0.0
* Sat Feb 1 2025 Björn Esser [besser82@fedoraproject.org] - 3.11.11-3
- Add explicit BR: libxcrypt-devel
* Sat Jan 18 2025 Fedora Release Engineering [releng@fedoraproject.org] - 3.11.11-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2343272 - CVE-2025-0938 python3.11: URL parser allowed square brackets in domain names [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2343272
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-f613fe78b6' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------



[SECURITY] Fedora 40 Update: python3.10-3.10.16-5.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-10e053d399
2025-02-13 02:00:53.381632+00:00
--------------------------------------------------------------------------------

Name : python3.10
Product : Fedora 40
Version : 3.10.16
Release : 5.fc40
URL : https://www.python.org/
Summary : Version 3.10 of the Python interpreter
Description :
Python 3.10 is an accessible, high-level, dynamically typed, interpreted
programming language, designed with an emphasis on code readability.
It includes an extensive standard library, and has a vast ecosystem of
third-party libraries.

The python3.10 package provides the "python3.10" executable: the reference
interpreter for the Python language, version 3.
The majority of its standard library is provided in the python3.10-libs package,
which should be installed automatically along with python3.10.
The remaining parts of the Python standard library are broken out into the
python3.10-tkinter and python3.10-test packages, which may need to be installed
separately.

Documentation for Python is provided in the python3.10-docs package.

Packages containing additional libraries for Python are generally named with
the "python3.10-" prefix.

--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2025-0938
--------------------------------------------------------------------------------
ChangeLog:

* Mon Feb 10 2025 Charalampos Stratakis [cstratak@redhat.com] - 3.10.16-5
- Security fix for CVE-2025-0938
- Fixes: rhbz#2343276
* Thu Feb 6 2025 Miro HronÄok [mhroncok@redhat.com] - 3.10.16-4
- Rebuilt with mpdecimal 4.0.0
* Sat Feb 1 2025 Björn Esser [besser82@fedoraproject.org] - 3.10.16-3
- Add explicit BR: libxcrypt-devel
* Sat Jan 18 2025 Fedora Release Engineering [releng@fedoraproject.org] - 3.10.16-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2343276 - CVE-2025-0938 python3.10: URL parser allowed square brackets in domain names [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2343276
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-10e053d399' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------



[SECURITY] Fedora 40 Update: s390utils-2.33.1-4.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-6f07616b52
2025-02-13 02:00:53.381620+00:00
--------------------------------------------------------------------------------

Name : s390utils
Product : Fedora 40
Version : 2.33.1
Release : 4.fc40
URL : https://github.com/ibm-s390-linux/s390-tools
Summary : Utilities and daemons for IBM z Systems
Description :
This is a meta package for installing the default s390-tools sub packages.
If you do not need all default sub packages, it is recommended to install the
required sub packages separately.

The s390utils packages contain a set of user space utilities that should to
be used together with the zSeries (s390) Linux kernel and device drivers.

--------------------------------------------------------------------------------
Update Information:

Update the openssl crate to version 0.10.70 and the openssl-sys crate to version
0.9.105.
This includes a fix for RUSTSEC-2025-0004 / CVE-2025-0977 and rebuilds of all
packages that statically link the openssl crate.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 6 2025 Fabio Valentini [decathorpe@gmail.com] - 2:2.33.1-4
- Rebuild for openssl crate >= v0.10.70 (RUSTSEC-2025-0004)
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2343478 - CVE-2025-0977 rust-openssl: ssl::select_next_proto use after free [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2343478
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-6f07616b52' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 40 Update: rust-snphost-0.5.0-3.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-6f07616b52
2025-02-13 02:00:53.381620+00:00
--------------------------------------------------------------------------------

Name : rust-snphost
Product : Fedora 40
Version : 0.5.0
Release : 3.fc40
URL : https://crates.io/crates/snphost
Summary : Administrative utility for AMD SEV-SNP
Description :
Administrative utility for AMD SEV-SNP.

--------------------------------------------------------------------------------
Update Information:

Update the openssl crate to version 0.10.70 and the openssl-sys crate to version
0.9.105.
This includes a fix for RUSTSEC-2025-0004 / CVE-2025-0977 and rebuilds of all
packages that statically link the openssl crate.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 6 2025 Fabio Valentini [decathorpe@gmail.com] - 0.5.0-3
- Rebuild for openssl crate >= v0.10.70 (RUSTSEC-2025-0004)
* Sun Jan 19 2025 Fedora Release Engineering [releng@fedoraproject.org] - 0.5.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2343478 - CVE-2025-0977 rust-openssl: ssl::select_next_proto use after free [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2343478
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-6f07616b52' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 40 Update: chromium-133.0.6943.53-1.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-975cd7c234
2025-02-13 02:00:53.381626+00:00
--------------------------------------------------------------------------------

Name : chromium
Product : Fedora 40
Version : 133.0.6943.53
Release : 1.fc40
URL : http://www.chromium.org/Home
Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).

--------------------------------------------------------------------------------
Update Information:

Update to 133.0.6943.53
CVE-2025-0444: Use after free in Skia
CVE-2025-0445: Use after free in V8
CVE-2025-0451: Inappropriate implementation in Extensions API
--------------------------------------------------------------------------------
ChangeLog:

* Tue Feb 4 2025 Than Ngo [than@redhat.com] - 133.0.6943.53-1
- Update to 133.0.6943.53
* CVE-2025-0444: Use after free in Skia
* CVE-2025-0445: Use after free in V8
* CVE-2025-0451: Inappropriate implementation in Extensions API
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-975cd7c234' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 40 Update: rust-sevctl-0.6.0-4.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-6f07616b52
2025-02-13 02:00:53.381620+00:00
--------------------------------------------------------------------------------

Name : rust-sevctl
Product : Fedora 40
Version : 0.6.0
Release : 4.fc40
URL : https://crates.io/crates/sevctl
Summary : Administrative utility for AMD SEV
Description :
Administrative utility for AMD SEV.

--------------------------------------------------------------------------------
Update Information:

Update the openssl crate to version 0.10.70 and the openssl-sys crate to version
0.9.105.
This includes a fix for RUSTSEC-2025-0004 / CVE-2025-0977 and rebuilds of all
packages that statically link the openssl crate.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 6 2025 Fabio Valentini [decathorpe@gmail.com] - 0.6.0-4
- Rebuild for openssl crate >= v0.10.70 (RUSTSEC-2025-0004)
* Sun Jan 19 2025 Fedora Release Engineering [releng@fedoraproject.org] - 0.6.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2343478 - CVE-2025-0977 rust-openssl: ssl::select_next_proto use after free [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2343478
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-6f07616b52' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 40 Update: rustup-1.27.1-6.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-6f07616b52
2025-02-13 02:00:53.381620+00:00
--------------------------------------------------------------------------------

Name : rustup
Product : Fedora 40
Version : 1.27.1
Release : 6.fc40
URL : https://github.com/rust-lang/rustup
Summary : Manage multiple rust installations with ease
Description :
Manage multiple rust installations with ease.

--------------------------------------------------------------------------------
Update Information:

Update the openssl crate to version 0.10.70 and the openssl-sys crate to version
0.9.105.
This includes a fix for RUSTSEC-2025-0004 / CVE-2025-0977 and rebuilds of all
packages that statically link the openssl crate.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 6 2025 Fabio Valentini [decathorpe@gmail.com] - 1.27.1-6
- Rebuild for openssl crate >= v0.10.70 (RUSTSEC-2025-0004)
* Sun Jan 19 2025 Fedora Release Engineering [releng@fedoraproject.org] - 1.27.1-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2343478 - CVE-2025-0977 rust-openssl: ssl::select_next_proto use after free [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2343478
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-6f07616b52' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 40 Update: rust-openssl-0.10.70-1.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-6f07616b52
2025-02-13 02:00:53.381620+00:00
--------------------------------------------------------------------------------

Name : rust-openssl
Product : Fedora 40
Version : 0.10.70
Release : 1.fc40
URL : https://crates.io/crates/openssl
Summary : OpenSSL bindings
Description :
OpenSSL bindings.

--------------------------------------------------------------------------------
Update Information:

Update the openssl crate to version 0.10.70 and the openssl-sys crate to version
0.9.105.
This includes a fix for RUSTSEC-2025-0004 / CVE-2025-0977 and rebuilds of all
packages that statically link the openssl crate.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 5 2025 Fabio Valentini [decathorpe@gmail.com] - 0.10.70-1
- Update to version 0.10.70; Fixes RHBZ#2343421
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2343478 - CVE-2025-0977 rust-openssl: ssl::select_next_proto use after free [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2343478
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-6f07616b52' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 40 Update: rust-rpm-sequoia-1.7.0-5.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-6f07616b52
2025-02-13 02:00:53.381620+00:00
--------------------------------------------------------------------------------

Name : rust-rpm-sequoia
Product : Fedora 40
Version : 1.7.0
Release : 5.fc40
URL : https://crates.io/crates/rpm-sequoia
Summary : Implementation of the RPM PGP interface using Sequoia
Description :
An implementation of the RPM PGP interface using Sequoia.

--------------------------------------------------------------------------------
Update Information:

Update the openssl crate to version 0.10.70 and the openssl-sys crate to version
0.9.105.
This includes a fix for RUSTSEC-2025-0004 / CVE-2025-0977 and rebuilds of all
packages that statically link the openssl crate.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 6 2025 Fabio Valentini [decathorpe@gmail.com] - 1.7.0-5
- Rebuild for openssl crate >= v0.10.70 (RUSTSEC-2025-0004)
* Sun Jan 19 2025 Fedora Release Engineering [releng@fedoraproject.org] - 1.7.0-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2343478 - CVE-2025-0977 rust-openssl: ssl::select_next_proto use after free [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2343478
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-6f07616b52' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 40 Update: rust-tealdeer-1.7.1-3.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-6f07616b52
2025-02-13 02:00:53.381620+00:00
--------------------------------------------------------------------------------

Name : rust-tealdeer
Product : Fedora 40
Version : 1.7.1
Release : 3.fc40
URL : https://crates.io/crates/tealdeer
Summary : Fetch and show tldr help pages for many CLI commands
Description :
Fetch and show tldr help pages for many CLI commands. Full featured
offline client with caching support.

--------------------------------------------------------------------------------
Update Information:

Update the openssl crate to version 0.10.70 and the openssl-sys crate to version
0.9.105.
This includes a fix for RUSTSEC-2025-0004 / CVE-2025-0977 and rebuilds of all
packages that statically link the openssl crate.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 6 2025 Fabio Valentini [decathorpe@gmail.com] - 1.7.1-3
- Rebuild for openssl crate >= v0.10.70 (RUSTSEC-2025-0004)
* Sun Jan 19 2025 Fedora Release Engineering [releng@fedoraproject.org] - 1.7.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2343478 - CVE-2025-0977 rust-openssl: ssl::select_next_proto use after free [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2343478
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-6f07616b52' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 40 Update: rust-sequoia-octopus-librnp-1.10.0-6.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-6f07616b52
2025-02-13 02:00:53.381620+00:00
--------------------------------------------------------------------------------

Name : rust-sequoia-octopus-librnp
Product : Fedora 40
Version : 1.10.0
Release : 6.fc40
URL : https://crates.io/crates/sequoia-octopus-librnp
Summary : Reimplementation of RNP's interface using Sequoia for use with Thunderbird
Description :
Reimplementation of RNP's interface using Sequoia for use with
Thunderbird.

--------------------------------------------------------------------------------
Update Information:

Update the openssl crate to version 0.10.70 and the openssl-sys crate to version
0.9.105.
This includes a fix for RUSTSEC-2025-0004 / CVE-2025-0977 and rebuilds of all
packages that statically link the openssl crate.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 6 2025 Fabio Valentini [decathorpe@gmail.com] - 1.10.0-6
- Rebuild for openssl crate >= v0.10.70 (RUSTSEC-2025-0004)
* Sun Jan 19 2025 Fedora Release Engineering [releng@fedoraproject.org] - 1.10.0-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2343478 - CVE-2025-0977 rust-openssl: ssl::select_next_proto use after free [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2343478
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-6f07616b52' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 40 Update: rust-sequoia-sqv-1.2.1-6.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-6f07616b52
2025-02-13 02:00:53.381620+00:00
--------------------------------------------------------------------------------

Name : rust-sequoia-sqv
Product : Fedora 40
Version : 1.2.1
Release : 6.fc40
URL : https://crates.io/crates/sequoia-sqv
Summary : Simple OpenPGP signature verification program
Description :
A simple OpenPGP signature verification program.

--------------------------------------------------------------------------------
Update Information:

Update the openssl crate to version 0.10.70 and the openssl-sys crate to version
0.9.105.
This includes a fix for RUSTSEC-2025-0004 / CVE-2025-0977 and rebuilds of all
packages that statically link the openssl crate.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 6 2025 Fabio Valentini [decathorpe@gmail.com] - 1.2.1-6
- Rebuild for openssl crate >= v0.10.70 (RUSTSEC-2025-0004)
* Sun Jan 19 2025 Fedora Release Engineering [releng@fedoraproject.org] - 1.2.1-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2343478 - CVE-2025-0977 rust-openssl: ssl::select_next_proto use after free [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2343478
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-6f07616b52' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 40 Update: rust-pore-0.1.17-5.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-6f07616b52
2025-02-13 02:00:53.381620+00:00
--------------------------------------------------------------------------------

Name : rust-pore
Product : Fedora 40
Version : 0.1.17
Release : 5.fc40
URL : https://crates.io/crates/pore
Summary : Performance oriented reimplementation of repo
Description :
A performance oriented reimplementation of repo.

--------------------------------------------------------------------------------
Update Information:

Update the openssl crate to version 0.10.70 and the openssl-sys crate to version
0.9.105.
This includes a fix for RUSTSEC-2025-0004 / CVE-2025-0977 and rebuilds of all
packages that statically link the openssl crate.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 6 2025 Fabio Valentini [decathorpe@gmail.com] - 0.1.17-5
- Rebuild for openssl crate >= v0.10.70 (RUSTSEC-2025-0004)
* Sun Jan 19 2025 Fedora Release Engineering [releng@fedoraproject.org] - 0.1.17-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2343478 - CVE-2025-0977 rust-openssl: ssl::select_next_proto use after free [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2343478
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-6f07616b52' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 40 Update: rust-sequoia-policy-config-0.7.0-3.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-6f07616b52
2025-02-13 02:00:53.381620+00:00
--------------------------------------------------------------------------------

Name : rust-sequoia-policy-config
Product : Fedora 40
Version : 0.7.0
Release : 3.fc40
URL : https://crates.io/crates/sequoia-policy-config
Summary : Configure Sequoia using a configuration file
Description :
Configure Sequoia using a configuration file.

--------------------------------------------------------------------------------
Update Information:

Update the openssl crate to version 0.10.70 and the openssl-sys crate to version
0.9.105.
This includes a fix for RUSTSEC-2025-0004 / CVE-2025-0977 and rebuilds of all
packages that statically link the openssl crate.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 6 2025 Fabio Valentini [decathorpe@gmail.com] - 0.7.0-3
- Rebuild for openssl crate >= v0.10.70 (RUSTSEC-2025-0004)
* Sun Jan 19 2025 Fedora Release Engineering [releng@fedoraproject.org] - 0.7.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2343478 - CVE-2025-0977 rust-openssl: ssl::select_next_proto use after free [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2343478
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-6f07616b52' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 40 Update: rust-eif_build-0.2.1-3.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-6f07616b52
2025-02-13 02:00:53.381620+00:00
--------------------------------------------------------------------------------

Name : rust-eif_build
Product : Fedora 40
Version : 0.2.1
Release : 3.fc40
URL : https://crates.io/crates/eif_build
Summary : CLI tool to create EIF files for AWS Nitro Enclaves
Description :
This CLI tool provides a low level path to assemble an enclave image
format (EIF) file used in AWS Nitro Enclaves.

--------------------------------------------------------------------------------
Update Information:

Update the openssl crate to version 0.10.70 and the openssl-sys crate to version
0.9.105.
This includes a fix for RUSTSEC-2025-0004 / CVE-2025-0977 and rebuilds of all
packages that statically link the openssl crate.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 6 2025 Fabio Valentini [decathorpe@gmail.com] - 0.2.1-3
- Rebuild for openssl crate >= v0.10.70 (RUSTSEC-2025-0004)
* Sun Jan 19 2025 Fedora Release Engineering [releng@fedoraproject.org] - 0.2.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2343478 - CVE-2025-0977 rust-openssl: ssl::select_next_proto use after free [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2343478
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-6f07616b52' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 40 Update: rust-sequoia-keyring-linter-1.0.1-10.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-6f07616b52
2025-02-13 02:00:53.381620+00:00
--------------------------------------------------------------------------------

Name : rust-sequoia-keyring-linter
Product : Fedora 40
Version : 1.0.1
Release : 10.fc40
URL : https://crates.io/crates/sequoia-keyring-linter
Summary : Linter for keyrings
Description :
A linter for keyrings.

--------------------------------------------------------------------------------
Update Information:

Update the openssl crate to version 0.10.70 and the openssl-sys crate to version
0.9.105.
This includes a fix for RUSTSEC-2025-0004 / CVE-2025-0977 and rebuilds of all
packages that statically link the openssl crate.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 6 2025 Fabio Valentini [decathorpe@gmail.com] - 1.0.1-10
- Rebuild for openssl crate >= v0.10.70 (RUSTSEC-2025-0004)
* Sun Jan 19 2025 Fedora Release Engineering [releng@fedoraproject.org] - 1.0.1-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
* Sat Jul 20 2024 Fedora Release Engineering [releng@fedoraproject.org] - 1.0.1-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2343478 - CVE-2025-0977 rust-openssl: ssl::select_next_proto use after free [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2343478
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-6f07616b52' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 40 Update: libkrun-1.10.1-2.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-6f07616b52
2025-02-13 02:00:53.381620+00:00
--------------------------------------------------------------------------------

Name : libkrun
Product : Fedora 40
Version : 1.10.1
Release : 2.fc40
URL : https://github.com/containers/libkrun
Summary : Dynamic library providing Virtualization-based process isolation capabilities
Description :
Dynamic library providing Virtualization-based process isolation capabilities.

--------------------------------------------------------------------------------
Update Information:

Update the openssl crate to version 0.10.70 and the openssl-sys crate to version
0.9.105.
This includes a fix for RUSTSEC-2025-0004 / CVE-2025-0977 and rebuilds of all
packages that statically link the openssl crate.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 6 2025 Fabio Valentini [decathorpe@gmail.com] - 1.10.1-2
- Rebuild for openssl crate >= v0.10.70 (RUSTSEC-2025-0004)
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2343478 - CVE-2025-0977 rust-openssl: ssl::select_next_proto use after free [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2343478
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-6f07616b52' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 40 Update: rust-openssl-sys-0.9.105-1.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-6f07616b52
2025-02-13 02:00:53.381620+00:00
--------------------------------------------------------------------------------

Name : rust-openssl-sys
Product : Fedora 40
Version : 0.9.105
Release : 1.fc40
URL : https://crates.io/crates/openssl-sys
Summary : FFI bindings to OpenSSL
Description :
FFI bindings to OpenSSL.

--------------------------------------------------------------------------------
Update Information:

Update the openssl crate to version 0.10.70 and the openssl-sys crate to version
0.9.105.
This includes a fix for RUSTSEC-2025-0004 / CVE-2025-0977 and rebuilds of all
packages that statically link the openssl crate.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 5 2025 Fabio Valentini [decathorpe@gmail.com] - 0.9.105-1
- Update to version 0.9.105; Fixes RHBZ#2343422
* Sun Jan 19 2025 Fedora Release Engineering [releng@fedoraproject.org] - 0.9.104-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2343478 - CVE-2025-0977 rust-openssl: ssl::select_next_proto use after free [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2343478
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-6f07616b52' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 40 Update: keylime-agent-rust-0.2.7-4.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-6f07616b52
2025-02-13 02:00:53.381620+00:00
--------------------------------------------------------------------------------

Name : keylime-agent-rust
Product : Fedora 40
Version : 0.2.7
Release : 4.fc40
URL : https://github.com/keylime/rust-keylime/
Summary : Rust agent for Keylime
Description :
Rust agent for Keylime

--------------------------------------------------------------------------------
Update Information:

Update the openssl crate to version 0.10.70 and the openssl-sys crate to version
0.9.105.
This includes a fix for RUSTSEC-2025-0004 / CVE-2025-0977 and rebuilds of all
packages that statically link the openssl crate.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 6 2025 Fabio Valentini [decathorpe@gmail.com] - 0.2.7-4
- Rebuild for openssl crate >= v0.10.70 (RUSTSEC-2025-0004)
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2343478 - CVE-2025-0977 rust-openssl: ssl::select_next_proto use after free [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2343478
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-6f07616b52' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 40 Update: rust-gst-plugin-reqwest-0.13.3-3.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-6f07616b52
2025-02-13 02:00:53.381620+00:00
--------------------------------------------------------------------------------

Name : rust-gst-plugin-reqwest
Product : Fedora 40
Version : 0.13.3
Release : 3.fc40
URL : https://crates.io/crates/gst-plugin-reqwest
Summary : GStreamer reqwest HTTP Source Plugin
Description :
GStreamer reqwest HTTP Source Plugin.

--------------------------------------------------------------------------------
Update Information:

Update the openssl crate to version 0.10.70 and the openssl-sys crate to version
0.9.105.
This includes a fix for RUSTSEC-2025-0004 / CVE-2025-0977 and rebuilds of all
packages that statically link the openssl crate.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 6 2025 Fabio Valentini [decathorpe@gmail.com] - 0.13.3-3
- Rebuild for openssl crate >= v0.10.70 (RUSTSEC-2025-0004)
* Sun Jan 19 2025 Fedora Release Engineering [releng@fedoraproject.org] - 0.13.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2343478 - CVE-2025-0977 rust-openssl: ssl::select_next_proto use after free [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2343478
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-6f07616b52' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 40 Update: gotify-desktop-1.3.7-4.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-6f07616b52
2025-02-13 02:00:53.381620+00:00
--------------------------------------------------------------------------------

Name : gotify-desktop
Product : Fedora 40
Version : 1.3.7
Release : 4.fc40
URL : https://github.com/desbma/gotify-desktop
Summary : Small Gotify daemon to receive and forward messages
Description :
Small Gotify daemon to receive messages and forward them as desktop notifications. Read Gotify messages, and forward them as standard desktop notification. Forward message priority. Auto reconnect if server connection is lost and get missed messages. Automatically download, cache, and show app icons.

--------------------------------------------------------------------------------
Update Information:

Update the openssl crate to version 0.10.70 and the openssl-sys crate to version
0.9.105.
This includes a fix for RUSTSEC-2025-0004 / CVE-2025-0977 and rebuilds of all
packages that statically link the openssl crate.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 6 2025 Fabio Valentini [decathorpe@gmail.com] - 1.3.7-4
- Rebuild for openssl crate >= v0.10.70 (RUSTSEC-2025-0004)
* Fri Jan 17 2025 Fedora Release Engineering [releng@fedoraproject.org] - 1.3.7-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2343478 - CVE-2025-0977 rust-openssl: ssl::select_next_proto use after free [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2343478
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-6f07616b52' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 40 Update: rust-nu-0.99.1-7.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-6f07616b52
2025-02-13 02:00:53.381620+00:00
--------------------------------------------------------------------------------

Name : rust-nu
Product : Fedora 40
Version : 0.99.1
Release : 7.fc40
URL : https://crates.io/crates/nu
Summary : New type of shell
Description :
A new type of shell.

--------------------------------------------------------------------------------
Update Information:

Update the openssl crate to version 0.10.70 and the openssl-sys crate to version
0.9.105.
This includes a fix for RUSTSEC-2025-0004 / CVE-2025-0977 and rebuilds of all
packages that statically link the openssl crate.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 6 2025 Fabio Valentini [decathorpe@gmail.com] - 0.99.1-7
- Rebuild for openssl crate >= v0.10.70 (RUSTSEC-2025-0004)
* Sun Jan 19 2025 Fedora Release Engineering [releng@fedoraproject.org] - 0.99.1-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2343478 - CVE-2025-0977 rust-openssl: ssl::select_next_proto use after free [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2343478
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-6f07616b52' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 40 Update: fido-device-onboard-0.5.0-2.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-6f07616b52
2025-02-13 02:00:53.381620+00:00
--------------------------------------------------------------------------------

Name : fido-device-onboard
Product : Fedora 40
Version : 0.5.0
Release : 2.fc40
URL : https://github.com/fdo-rs/fido-device-onboard-rs
Summary : A rust implementation of the FIDO Device Onboard Specification
Description :
A rust implementation of the FIDO Device Onboard Specification.

--------------------------------------------------------------------------------
Update Information:

Update the openssl crate to version 0.10.70 and the openssl-sys crate to version
0.9.105.
This includes a fix for RUSTSEC-2025-0004 / CVE-2025-0977 and rebuilds of all
packages that statically link the openssl crate.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 6 2025 Fabio Valentini [decathorpe@gmail.com] - 0.5.0-2
- Rebuild for openssl crate >= v0.10.70 (RUSTSEC-2025-0004)
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2343478 - CVE-2025-0977 rust-openssl: ssl::select_next_proto use after free [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2343478
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-6f07616b52' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 40 Update: rust-coreos-installer-0.23.0-2.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-6f07616b52
2025-02-13 02:00:53.381620+00:00
--------------------------------------------------------------------------------

Name : rust-coreos-installer
Product : Fedora 40
Version : 0.23.0
Release : 2.fc40
URL : https://crates.io/crates/coreos-installer
Summary : Installer for Fedora CoreOS and RHEL CoreOS
Description :
coreos-installer installs Fedora CoreOS or RHEL CoreOS to bare-metal
machines (or, occasionally, to virtual machines).

--------------------------------------------------------------------------------
Update Information:

Update the openssl crate to version 0.10.70 and the openssl-sys crate to version
0.9.105.
This includes a fix for RUSTSEC-2025-0004 / CVE-2025-0977 and rebuilds of all
packages that statically link the openssl crate.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 6 2025 Fabio Valentini [decathorpe@gmail.com] - 0.23.0-2
- Rebuild for openssl crate >= v0.10.70 (RUSTSEC-2025-0004)
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2343478 - CVE-2025-0977 rust-openssl: ssl::select_next_proto use after free [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2343478
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-6f07616b52' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 40 Update: rust-cargo-vendor-filterer-0.5.17-2.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-6f07616b52
2025-02-13 02:00:53.381620+00:00
--------------------------------------------------------------------------------

Name : rust-cargo-vendor-filterer
Product : Fedora 40
Version : 0.5.17
Release : 2.fc40
URL : https://crates.io/crates/cargo-vendor-filterer
Summary : Cargo vendor, but with filtering for platforms and more
Description :
`cargo vendor`, but with filtering for platforms and more.

--------------------------------------------------------------------------------
Update Information:

Update the openssl crate to version 0.10.70 and the openssl-sys crate to version
0.9.105.
This includes a fix for RUSTSEC-2025-0004 / CVE-2025-0977 and rebuilds of all
packages that statically link the openssl crate.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 6 2025 Fabio Valentini [decathorpe@gmail.com] - 0.5.17-2
- Rebuild for openssl crate >= v0.10.70 (RUSTSEC-2025-0004)
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2343478 - CVE-2025-0977 rust-openssl: ssl::select_next_proto use after free [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2343478
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-6f07616b52' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 40 Update: keyring-ima-signer-0.1.0-17.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-6f07616b52
2025-02-13 02:00:53.381620+00:00
--------------------------------------------------------------------------------

Name : keyring-ima-signer
Product : Fedora 40
Version : 0.1.0
Release : 17.fc40
URL : https://github.com/fedora-iot/keyring-ima-signer/
Summary : An IMA file signing tool using the kernel keyring
Description :
The IMA (Integrity Measurement Architecture) is a key component of the
Linux integrity subsystem designed to ensure integrity, authenticity,
and confidentiality of systems including hardware root of trusts (TPM).

This tool allows signing of files in userspace, inclusding options of
including the signature in xattr or a .sig file, using signing keys
stored in the kernel keyring to ensure they're not recoverable.

--------------------------------------------------------------------------------
Update Information:

Update the openssl crate to version 0.10.70 and the openssl-sys crate to version
0.9.105.
This includes a fix for RUSTSEC-2025-0004 / CVE-2025-0977 and rebuilds of all
packages that statically link the openssl crate.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 6 2025 Fabio Valentini [decathorpe@gmail.com] - 0.1.0-17
- Rebuild for openssl crate >= v0.10.70 (RUSTSEC-2025-0004)
* Fri Jan 17 2025 Fedora Release Engineering [releng@fedoraproject.org] - 0.1.0-16
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
* Thu Jul 18 2024 Fedora Release Engineering [releng@fedoraproject.org] - 0.1.0-15
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Fri Mar 22 2024 Fabio Valentini [decathorpe@gmail.com] - 0.1.0-14
- Refresh spec for rust-packaging v26.
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2343478 - CVE-2025-0977 rust-openssl: ssl::select_next_proto use after free [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2343478
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-6f07616b52' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 40 Update: rust-afterburn-5.7.0-3.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-6f07616b52
2025-02-13 02:00:53.381620+00:00
--------------------------------------------------------------------------------

Name : rust-afterburn
Product : Fedora 40
Version : 5.7.0
Release : 3.fc40
URL : https://crates.io/crates/afterburn
Summary : Simple cloud provider agent
Description :
A simple cloud provider agent.

--------------------------------------------------------------------------------
Update Information:

Update the openssl crate to version 0.10.70 and the openssl-sys crate to version
0.9.105.
This includes a fix for RUSTSEC-2025-0004 / CVE-2025-0977 and rebuilds of all
packages that statically link the openssl crate.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 6 2025 Fabio Valentini [decathorpe@gmail.com] - 5.7.0-3
- Rebuild for openssl crate >= v0.10.70 (RUSTSEC-2025-0004)
* Sun Jan 19 2025 Fedora Release Engineering [releng@fedoraproject.org] - 5.7.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2343478 - CVE-2025-0977 rust-openssl: ssl::select_next_proto use after free [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2343478
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-6f07616b52' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 40 Update: envision-2.0.0-4.20241209git2.0.0.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-6f07616b52
2025-02-13 02:00:53.381620+00:00
--------------------------------------------------------------------------------

Name : envision
Product : Fedora 40
Version : 2.0.0
Release : 4.20241209git2.0.0.fc40
URL : https://gitlab.com/gabmus/envision
Summary : UI for building, configuring, and running Monado/WiVRn
Description :
UI for building, configuring, and running Monado, the open source
OpenXR runtime.

This is still highly experimental software, while it's unlikely that
anything bad will happen, it's still unstable and there is no guarantee
that it will work on your system, with your particular hardware. If you
encounter any problems while using the app, make sure to open an issue.

Also consider that due to the unstable nature of the app, it's possible
to encounter unexpected behavior that while in VR might cause motion
sickness or physical injury. Be very careful while in VR using this app!

--------------------------------------------------------------------------------
Update Information:

Update the openssl crate to version 0.10.70 and the openssl-sys crate to version
0.9.105.
This includes a fix for RUSTSEC-2025-0004 / CVE-2025-0977 and rebuilds of all
packages that statically link the openssl crate.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 6 2025 Fabio Valentini [decathorpe@gmail.com] - 2.0.0-4
- Rebuild for openssl crate >= v0.10.70 (RUSTSEC-2025-0004)
* Thu Jan 16 2025 Fedora Release Engineering [releng@fedoraproject.org] - 2.0.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2343478 - CVE-2025-0977 rust-openssl: ssl::select_next_proto use after free [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2343478
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-6f07616b52' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 40 Update: clevis-pin-tpm2-0.5.3-9.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-6f07616b52
2025-02-13 02:00:53.381620+00:00
--------------------------------------------------------------------------------

Name : clevis-pin-tpm2
Product : Fedora 40
Version : 0.5.3
Release : 9.fc40
URL : https://github.com/fedora-iot/clevis-pin-tpm2/
Summary : Clevis PIN for unlocking with TPM2 supporting Authorized Policies
Description :
Clevis PIN for unlocking with TPM2 supporting Authorized Policies.

--------------------------------------------------------------------------------
Update Information:

Update the openssl crate to version 0.10.70 and the openssl-sys crate to version
0.9.105.
This includes a fix for RUSTSEC-2025-0004 / CVE-2025-0977 and rebuilds of all
packages that statically link the openssl crate.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 6 2025 Fabio Valentini [decathorpe@gmail.com] - 0.5.3-9
- Rebuild for openssl crate >= v0.10.70 (RUSTSEC-2025-0004)
* Thu Jan 16 2025 Fedora Release Engineering [releng@fedoraproject.org] - 0.5.3-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
* Wed Jul 17 2024 Fedora Release Engineering [releng@fedoraproject.org] - 0.5.3-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Fri Mar 22 2024 Fabio Valentini [decathorpe@gmail.com] - 0.5.3-6
- Refresh spec for rust-packaging v26
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2343478 - CVE-2025-0977 rust-openssl: ssl::select_next_proto use after free [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2343478
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-6f07616b52' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 40 Update: python3.14-3.14.0~a4-2.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-3726ae12e9
2025-02-13 02:00:53.381593+00:00
--------------------------------------------------------------------------------

Name : python3.14
Product : Fedora 40
Version : 3.14.0~a4
Release : 2.fc40
URL : https://www.python.org/
Summary : Version 3.14 of the Python interpreter
Description :
Python 3.14 is an accessible, high-level, dynamically typed, interpreted
programming language, designed with an emphasis on code readability.
It includes an extensive standard library, and has a vast ecosystem of
third-party libraries.

The python3.14 package provides the "python3.14" executable: the reference
interpreter for the Python language, version 3.
The majority of its standard library is provided in the python3.14-libs package,
which should be installed automatically along with python3.14.
The remaining parts of the Python standard library are broken out into the
python3.14-tkinter and python3.14-test packages, which may need to be installed
separately.

Documentation for Python is provided in the python3.14-docs package.

Packages containing additional libraries for Python are generally named with
the "python3.14-" prefix.

--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2025-0938
--------------------------------------------------------------------------------
ChangeLog:

* Tue Feb 4 2025 Charalampos Stratakis [cstratak@redhat.com] - 3.14.0~a4-2
- Security fix for CVE-2025-0938
- Fixes: rhbz#2343273
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2343273 - CVE-2025-0938 python3.14: URL parser allowed square brackets in domain names [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2343273
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-3726ae12e9' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--