stable

maturin-1.9.6-5.fc45, python-fastar-0.9.0-2.fc45, & 4 more

FEDORA-2026-c6c01a71f2 created by music a month ago for Fedora 45

Update rust-astral-tokio-tar to 0.6.0, fixing CVE-2026-32766. Update rust-tar to 0.4.45 to 0.4.45, fixing CVE-2026-33056. Update uv and python-uv-build to [0.10.2](https://github.com/astral-sh/uv/blob/0.10.12/CHANGELOG.md, rebuilding them with the latest rust-astral-tokio-tar and rust-tar. Rebuild python-fastar and maturin with the latest rust-tar.

This update's test gating status has been changed to 'waiting'.

a month ago

This update's test gating status has been changed to 'ignored'.

a month ago

This update has been submitted for stable by bodhi

a month ago

Please log in to add feedback.

Metadata
Type
security
Severity
medium
Karma
0
Signed
Content Type
RPM
Test Gating
Autopush Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
0 days
Dates
submitted
a month ago
in testing
a month ago
in stable
a month ago
approved
a month ago
Builds
6
maturin-1.9.6-5.fc45
python-fastar-0.9.0-2.fc45
python-uv-build-0.10.12-1.fc45
rust-astral-tokio-tar-0.6.0-1.fc45
rust-tar-0.4.45-1.fc45
uv-0.10.12-1.fc45
BZ#2448054 rust-astral-tokio-tar-0.6.0 is available
0
0
BZ#2449243 uv-0.10.12 is available
0
0
BZ#2449274 rust-tar-0.4.45 is available
0
0
BZ#2449338 python-uv-build-0.10.12 is available
0
0
BZ#2449645 python-fastar-0.9.0 is available
0
0
BZ#2449681 CVE-2026-33056 maturin: tar-rs: Arbitrary directory permission modification via crafted tar archive [fedora-all]
0
0
BZ#2449683 CVE-2026-33056 python-fastar: tar-rs: Arbitrary directory permission modification via crafted tar archive [fedora-all]
0
0
BZ#2449684 CVE-2026-33056 python-uv-build: tar-rs: Arbitrary directory permission modification via crafted tar archive [fedora-all]
0
0
BZ#2449694 CVE-2026-33056 uv: tar-rs: Arbitrary directory permission modification via crafted tar archive [fedora-all]
0
0
maturin-1.9.6-5.fc45
python-fastar-0.9.0-2.fc45
python-uv-build-0.10.12-1.fc45
rust-astral-tokio-tar-0.6.0-1.fc45
rust-tar-0.4.45-1.fc45
uv-0.10.12-1.fc45

Automated Test Results

Copyright © 2007-2026 Red Hat, Inc. and others.

Running bodhi-server 26.4.0 on bodhi-web-6f874fb45-tc56b.

bodhi is Free Software. Please file issues if you have any problems. Read the documentation.

Composes Legal Privacy policy