FEDORA-2025-472776e5dc
Packages in this update:
rust-openssl-0.10.72-1.fc40
rust-openssl-sys-0.9.107-1.fc40
Update description:
Update the openssl crate to version 0.10.72.
Update the openssl-sys crate to version 0.9.107.
This update addresses CVE-2025-3416 / RUSTSEC-2025-0022 (a possible use-after-free issue in two public functions). A survey of dependent packages in Fedora shows that they either do not use the affected API or do not use it in a way that triggers this issue.