Fedora has released several important security updates for its Linux distributions, specifically targeting vulnerabilities in Fedora 41 and 42. These updates address critical issues, including CVE-2025-9566, which affects podman, buildah, and containers-common packages, and CVE-2025-58160, impacting loupe, glycin, rust-matchers, and rust-tracing-subscriber packages.

Key Updates:

- Fedora 41:
- loupe: Updated to version 47.4-2.fc41, addressing CVE-2025-58160.
- rust-matchers: Updated to version 0.2.0-1.fc41.
- rust-tracing-subscriber: Updated to version 0.3.20-1.fc41.

- Fedora 42:
- podman: Updated to version 5.6.1-1.fc42, fixing CVE-2025-9566.
- containers-common: Updated to version 0.64.2-1.fc42.
- buildah: Updated to version 1.41.4-1.fc42.
- glycin: Updated to version 1.2.3-5.fc42, addressing CVE-2025-58160.
- loupe: Updated to version 48.1-2.fc42, addressing CVE-2025-58160.
- rust-matchers: Updated to version 0.2.0-1.fc42.
- rust-tracing-subscriber: Updated to version 0.3.20-1.fc42.

Detailed Description of Updates:

1. Loupe: An image viewer built with GTK 4, it is known for its GPU-accelerated image rendering capabilities and support for various image formats. The latest update addresses a security vulnerability related to tracing log pollution.

2. Podman: A container engine that is daemonless and allows for managing containers and images without requiring root privileges. The update resolves a vulnerability where the kube play command could potentially overwrite host files.

3. Buildah: A command-line tool for creating OCI images, it received updates alongside podman, enhancing security features and capabilities.

4. Glycin: Focused on sandboxed image rendering, this update also addresses the tracing log pollution vulnerability.

5. Rust Libraries: Both rust-matchers and rust-tracing-subscriber were updated to include fixes for the security issue while enhancing regex matching and tracing functionalities.

Installation:

Users can apply these updates using the `dnf` package manager with the following command:

bashsu -c 'dnf upgrade --advisory '

For more detailed instructions, users should refer to the [dnf documentation](http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label).

Conclusion:

These updates are critical for maintaining the security and functionality of Fedora systems. Users are encouraged to install these updates promptly to protect their systems from identified vulnerabilities. Moreover, the Fedora Project ensures all packages are signed with its GPG key, maintaining integrity and trust in the updates provided

Loupe, Podman, Buildah, and more updates for Fedora

Multiple security updates have been released for various Fedora Linux versions, including Fedora 41 and 42. The updates address several vulnerabilities, including CVE-2025-9566, which affects podman, buildah, and containers-common packages, and CVE-2025-58160, which affects loupe, glycin, rust-matchers, and rust-tracing-subscriber packages.

Fedora 41 Update: loupe-47.4-2.fc41
Fedora 41 Update: rust-matchers-0.2.0-1.fc41
Fedora 41 Update: rust-tracing-subscriber-0.3.20-1.fc41
Fedora 42 Update: podman-5.6.1-1.fc42
Fedora 42 Update: containers-common-0.64.2-1.fc42
Fedora 42 Update: buildah-1.41.4-1.fc42
Fedora 42 Update: glycin-1.2.3-5.fc42
Fedora 42 Update: loupe-48.1-2.fc42
Fedora 42 Update: rust-matchers-0.2.0-1.fc42
Fedora 42 Update: rust-tracing-subscriber-0.3.20-1.fc42

Loupe, Podman, Buildah, and more updates for Fedora @ Linux Compatible