FEDORA-2025-0fe12b20e6

Packages in this update:

suricata-7.0.9-1.fc42

Update description:

Various security, performance, accuracy, and stability issues have been fixed. LibHTP has been updated to version 0.5.50 which is bundled with this new release. This fixes:

CVE-2025-29915: HIGH
CVE-2025-29917: HIGH
CVE-2025-29918: HIGH
CVE-2025-29916: Moderate

Read More

FEDORA-2025-109f69791e

Packages in this update:

suricata-7.0.9-1.fc41

Update description:

Various security, performance, accuracy, and stability issues have been fixed. LibHTP has been updated to version 0.5.50 which is bundled with this new release. This fixes:

CVE-2025-29915: HIGH
CVE-2025-29917: HIGH
CVE-2025-29918: HIGH
CVE-2025-29916: Moderate

Read More

It was discovered that uriparser did not correctly handle certain inputs,
which could lead to an integer overflow. An attacker could possibly use
this issue to cause a denial of service or execute arbitrary code.
(CVE-2024-34402, CVE-2024-34403)

Read More

Nakul Choudhary and Robert Xiao discovered that RestrictedPython did not
properly sanitize certain inputs. An attacker could possibly use this
issue to execute arbitrary code. This issue only affected
Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-37271)

Abhishek Govindarasu, Ankush Menat and Ward Theunisse discovered that
RestrictedPython did not correctly handle certain format strings. An
attacker could possibly use this issue to leak sensitive information.
This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS.
(CVE-2023-41039)

It was discovered that RestrictedPython did not correctly restrict access
to certain fields. An attacker could possibly use this issue to leak
sensitive information. (CVE-2024-47532)

It was discovered that RestrictedPython contained a type confusion
vulnerability. An attacker could possibly use this issue to execute
arbitrary code. This issue only affected Ubuntu 24.04 LTS and
Ubuntu 24.10. (CVE-2025-22153)

Read More

A vulnerability has been discovered in Apache Tomcat, which could allow for remote code execution. Apache Tomcat is an open-source Java servlet container and web server used to host Java-based web applications and implement Java Servlet and JavaServer Pages (JSP) specifications, providing a platform for running dynamic web content. Successful exploitation of the of this vulnerability could allow for remote code execution in the context of the system. Depending on the privileges associated with the system, an attacker could then install programs; view, change, or delete data.

Read More

FEDORA-2025-92362585e0

Packages in this update:

containerd-1.7.27-1.fc41

Update description:

Update to v1.7.27 for F41

Read More

FEDORA-2025-73800111e8

Packages in this update:

golang-github-openprinting-ipp-usb-0.9.30-1.fc41

Update description:

0.9.30, rebuild due golang CVE-2025-22870

Read More

FEDORA-2025-0951177024

Packages in this update:

nodejs-nodemon-3.1.9-3.fc41

Update description:

Added patch for CVE-2024-4068 (rhbz#2280624)

Read More

FEDORA-2025-9a278a7768

Packages in this update:

nodejs-nodemon-3.1.9-3.fc40

Update description:

Added patch for CVE-2024-4068 (rhbz#2280624)

Read More

FEDORA-2025-7d7b644265

Packages in this update:

nodejs-nodemon-3.1.9-4.fc42

Update description:

Added patch for CVE-2024-4068 (rhbz#2280624)

Read More