stable

yarnpkg-1.22.22-11.fc42

FEDORA-2025-cf39a93e95 created by smani 10 months ago for Fedora 42

Apply fixes for CVE-2025-8262 and CVE-2025-7783.

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2025-cf39a93e95

This update has been submitted for testing by smani.

10 months ago

This update's test gating status has been changed to 'ignored'.

10 months ago

This update has been pushed to testing.

10 months ago
User Icon ataraxia commented & provided feedback 10 months ago
karma

yarn install works fine.

This update can be pushed to stable now if the maintainer wishes

10 months ago
User Icon ataraxia commented & provided feedback 10 months ago
karma

yarn install is working here.

This update has been submitted for stable by bodhi.

9 months ago

This update has been pushed to stable.

9 months ago

Please log in to add feedback.

Metadata
Type
security
Severity
medium
Karma
1
Signed
Content Type
RPM
Test Gating
Autopush Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
10 months ago
in testing
10 months ago
in stable
9 months ago
approved
10 months ago
Builds
1
yarnpkg-1.22.22-11.fc42
BZ#2382001 CVE-2025-7783 yarnpkg: Unsafe random function in form-data [epel-10]
0
0
BZ#2382007 CVE-2025-7783 yarnpkg: Unsafe random function in form-data [epel-9]
0
0
BZ#2382017 CVE-2025-7783 yarnpkg: Unsafe random function in form-data [fedora-41]
0
0
BZ#2382027 CVE-2025-7783 yarnpkg: Unsafe random function in form-data [fedora-42]
0
0
BZ#2383877 CVE-2025-8262 yarnpkg: Yarn Regex Complexity Vulnerability [epel-10]
0
0
BZ#2383879 CVE-2025-8262 yarnpkg: Yarn Regex Complexity Vulnerability [epel-9]
0
0
BZ#2383880 CVE-2025-8262 yarnpkg: Yarn Regex Complexity Vulnerability [fedora-41]
0
0
BZ#2383881 CVE-2025-8262 yarnpkg: Yarn Regex Complexity Vulnerability [fedora-42]
0
0
yarnpkg-1.22.22-11.fc42

Automated Test Results

Copyright © 2007-2026 Red Hat, Inc. and others.

Running bodhi-server 26.4.0 on bodhi-web-987666886-6rcd2.

bodhi is Free Software. Please file issues if you have any problems. Read the documentation.

Composes Legal Privacy policy