stable

kea-2.6.3-1.fc42

FEDORA-2025-dc6ec0a8e2 created by mosvald 10 months ago for Fedora 42
  • New version 2.6.3 (#2368989)
  • Fix for: CVE-2025-32801, CVE-2025-32802, CVE-2025-32803
  • kea.conf: Remove /tmp/ from socket-name for existing configurations
  • kea.conf: Set pseudo-random password for default config to secure fresh install and allow CA startup without user intervention
  • kea.conf: Restrict directory permissions
  • Sync service files with upstream
  • Fix leases ownership when switching from root to kea user (#2324168)

Release Notes:

The new default configuration file, kea-ctrl-agent.conf, introduces an authentication setting, "password-file", which restricts access to the REST API. On Fedora, the kea-api-password file is automatically populated with a pseudo-random password to secure new installations.

For system upgrades, it is strongly recommended to update any custom configurations to restrict access to the REST API.

For more details, including information on CVE fixes and incompatible changes, refer to the upstream release notes:

https://downloads.isc.org/isc/kea/2.6.3/Kea-2.6.3-ReleaseNotes.txt

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2025-dc6ec0a8e2

This update has been submitted for testing by mosvald.

10 months ago

This update's test gating status has been changed to 'waiting'.

10 months ago

This update's test gating status has been changed to 'passed'.

10 months ago

This update has been pushed to testing.

10 months ago

This update has been submitted for stable by bodhi.

10 months ago

This update has been pushed to stable.

10 months ago

Please log in to add feedback.

Metadata
Type
security
Severity
high
Karma
0
Signed
Content Type
RPM
Test Gating
Autopush Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
10 months ago
in testing
10 months ago
in stable
10 months ago
approved
10 months ago
Builds
1
kea-2.6.3-1.fc42
BZ#2324168 System update from F40 to F41: kea-dhcp unusable
0
0
BZ#2368989 kea-2.6.3 is available
0
0
BZ#2369337 CVE-2025-32803 kea: Insecure file permissions can result in confidential information leakage [fedora-42]
0
0
BZ#2369379 CVE-2025-32801 kea: Loading a malicious hook library can lead to local privilege escalation [fedora-42]
0
0
BZ#2370279 CVE-2025-32802 kea: Insecure handling of file paths allows multiple local attacks [fedora-42]
0
0
kea-2.6.3-1.fc42

Automated Test Results

Copyright © 2007-2026 Red Hat, Inc. and others.

Running bodhi-server 25.11.3 on bodhi-web-21-hcnm2.

bodhi is Free Software. Please file issues if you have any problems. Read the documentation.

Composes Legal Privacy policy