The version of the "openssl" crate bundled in this package is vulnerable to CVE-2025-0977 / RUSTSEC-2025-0004. c.f. https://rustsec.org/advisories/RUSTSEC-2025-0004.html Reproducible: Always
Fixed in https://src.fedoraproject.org/rpms/bpfman/c/2bf6d076ab28b10eea349dbe0294493ad5802c22?branch=rawhide , will backport to F43 and F42, thanks @decathorpe, not sure why the CI hasn't picked up the change
FEDORA-2025-e67231423f (bpfman-0.5.4-3.fc43) has been submitted as an update to Fedora 43. https://bodhi.fedoraproject.org/updates/FEDORA-2025-e67231423f
FEDORA-2025-0753bddd6c (bpfman-0.5.4-3.fc42) has been submitted as an update to Fedora 42. https://bodhi.fedoraproject.org/updates/FEDORA-2025-0753bddd6c
FEDORA-2025-e67231423f has been pushed to the Fedora 43 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2025-e67231423f` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2025-e67231423f See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2025-0753bddd6c has been pushed to the Fedora 42 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2025-0753bddd6c` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2025-0753bddd6c See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2025-e67231423f (bpfman-0.5.4-3.fc43) has been pushed to the Fedora 43 stable repository. If problem still persists, please make note of it in this bug report.
FEDORA-2025-0753bddd6c (bpfman-0.5.4-3.fc42) has been pushed to the Fedora 42 stable repository. If problem still persists, please make note of it in this bug report.