testing

kea-2.6.3-1.fc41

FEDORA-2025-b870671130 created by mosvald 4 days ago for Fedora 41
  • New version 2.6.3 (#2368989)
  • Fix for: CVE-2025-32801, CVE-2025-32802, CVE-2025-32803
  • kea.conf: Remove /tmp/ from socket-name for existing configurations
  • kea.conf: Set pseudo-random password for default config to secure fresh install and allow CA startup without user intervention
  • kea.conf: Restrict directory permissions
  • Sync service files with upstream
  • Fix leases ownership when switching from root to kea user (#2324168)

Release Notes:

The new default configuration file, kea-ctrl-agent.conf, introduces an authentication setting, "password-file", which restricts access to the REST API. On Fedora, the kea-api-password file is automatically populated with a pseudo-random password to secure new installations.

For system upgrades, it is strongly recommended to update any custom configurations to restrict access to the REST API.

For more details, including information on CVE fixes and incompatible changes, refer to the upstream release notes:

https://downloads.isc.org/isc/kea/2.6.3/Kea-2.6.3-ReleaseNotes.txt

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2025-b870671130

This update has been submitted for testing by mosvald.

4 days ago

This update's test gating status has been changed to 'waiting'.

4 days ago

This update's test gating status has been changed to 'passed'.

4 days ago

This update has been pushed to testing.

3 days ago

Please log in to add feedback.

Metadata
Type
security
Severity
high
Karma
0
Signed
Content Type
RPM
Test Gating
Autopush Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Thresholds
Minimum Karma
+1
Minimum Testing
7 days
Dates
submitted
4 days ago
in testing
3 days ago
days to stable
4
Builds
1
kea-2.6.3-1.fc41
BZ#2324168 System update from F40 to F41: kea-dhcp unusable
0
0
BZ#2368989 kea-2.6.3 is available
0
0
BZ#2369336 CVE-2025-32803 kea: Insecure file permissions can result in confidential information leakage [fedora-41]
0
0
BZ#2369380 CVE-2025-32801 kea: Loading a malicious hook library can lead to local privilege escalation [fedora-41]
0
0
BZ#2370278 CVE-2025-32802 kea: Insecure handling of file paths allows multiple local attacks [fedora-41]
0
0
kea-2.6.3-1.fc41

Automated Test Results

Copyright © 2007-2025 Red Hat, Inc. and others.

Running bodhi-server 25.5.1 on bodhi-web-181-phpnd.

bodhi is Free Software. Please file issues if you have any problems. Read the documentation.

Composes Legal Privacy policy