Fedora alert FEDORA-2025-4154ea83d0 (rust-tikv-jemalloc-sys)

From:
             
 
updates--- via package-announce <package-announce@lists.fedoraproject.org>
To:
             
 
package-announce@lists.fedoraproject.org
Subject:
             
 
[SECURITY] Fedora 43 Update: rust-tikv-jemalloc-sys-0.6.1-1.fc43
Date:
             
 
Wed, 05 Nov 2025 02:13:03 +0000
Message-ID:
             
 
<20251105021303.DF71D79619@bastion01.rdu3.fedoraproject.org>
Archive-link:
             
 
Article
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-4154ea83d0
2025-11-05 02:09:57.817569+00:00
--------------------------------------------------------------------------------

Name        : rust-tikv-jemalloc-sys
Product     : Fedora 43
Version     : 0.6.1
Release     : 1.fc43
URL         : https://crates.io/crates/tikv-jemalloc-sys
Summary     : Rust FFI bindings to jemalloc
Description :
Rust FFI bindings to jemalloc.

--------------------------------------------------------------------------------
Update Information:

uv / python-uv-build 0.9.5
https://github.com/astral-sh/uv/blob/0.9.5/CHANGELOG.md
ruff 0.14.2
https://github.com/astral-sh/ruff/blob/0.14.2/CHANGELOG.md
Pydantic 2.12.3
Blog post
maturin 1.9.6
https://github.com/PyO3/maturin/blob/v1.9.6/Changelog.md
python-typing-inspection 0.4.2 (2025-10-01)
Add typing_objects.is_noextraitems()
python-jiter 0.11.0
https://github.com/pydantic/jiter/releases/tag/v0.11.0
python-pydantic-extra-types 2.10.6
https://github.com/pydantic/pydantic-extra-types/releases...
Typer
0.20.0
Features
✨ Enable command suggestions on typo by default.
Upgrades
⬆️ Add (official) support for Python 3.14.
Internal
Assorted small enhancements.
FastAPI
0.120.1
Upgrades
⬆️ Bump Starlette to <0.50.0.
Internal
🔧 Add license and license-files to pyproject.toml, remove License from
classifiers.
0.120.0
There are no major nor breaking changes in this release. ☕️
The internal reference documentation now uses annotated_doc.Doc instead of
typing_extensions.Doc, this adds a new (very small) dependency on annotated-doc,
a package made just to provide that Doc documentation utility class.
I would expect typing_extensions.Doc to be deprecated and then removed at some
point from typing_extensions, for that reason there's the new annotated-doc
micro-package. If you are curious about this, you can read more in the repo for
annotated-doc.
This new version 0.120.0 only contains that transition to the new home package
for that utility class Doc.
Translations, Internal
Assorted improvements.
0.119.1
Fixes
🐛 Fix internal Pydantic v1 compatibility (warnings) for Python 3.14 and Pydantic
2.12.1.
Docs, Internal
Assorted improvements.
0.119.0
FastAPI now (temporarily) supports both Pydantic v2 models and pydantic.v1
models at the same time in the same app, to make it easier for any FastAPI apps
still using Pydantic v1 to gradually but quickly migrate to Pydantic v2.
Features
✨ Add support for from pydantic.v1 import BaseModel, mixed Pydantic v1 and v2
models in the same app.
0.118.3
Upgrades
Add (official) support for Python 3.14.
0.118.2
Fixes
🐛 Fix tagged discriminated union not recognized as body field.
0.118.1
Upgrades
👽️ Ensure compatibility with Pydantic 2.12.0.
Docs, Translations, Internal
Assorted bugfixes and enhancements.
0.118.0
Fixes
🐛 Fix support for StreamingResponses with dependencies with yield or
UploadFiles, close after the response is done.
Before FastAPI 0.118.0, if you used a dependency with yield, it would run the
exit code after the path operation function returned but right before sending
the response.
This change also meant that if you returned a StreamingResponse, the exit code
of the dependency with yield would have been already run.
For example, if you had a database session in a dependency with yield, the
StreamingResponse would not be able to use that session while streaming data
because the session would have already been closed in the exit code after yield.
This behavior was reverted in 0.118.0, to make the exit code after yield be
executed after the response is sent.
You can read more about it in the docs for Advanced Dependencies - Dependencies
with yield, HTTPException, except and Background Tasks. Including what you could
do if you wanted to close a database session earlier, before returning the
response to the client.
Docs, Translations, Internal
Assorted bugfixes and enhancements.
Starlette
0.49.1 (October 28, 2025)
This release fixes a security vulnerability in the parsing logic of the Range
header in FileResponse.
You can view the full security advisory: GHSA-7f5h-v6xp-fcq8
Fixed
Optimize the HTTP ranges parsing logic.
0.49.0 (October 28, 2025)
Added
Add encoding parameter to Config class.
Support multiple cookie headers in Request.cookies.
Use Literal type for WebSocketEndpoint encoding values.
Changed
Do not pollute exception context in Middleware when using BaseHTTPMiddleware.
FastAPI CLI
0.0.14
Upgrades
⬆️ Add support for Python 3.13 and 3.14.
FastAPI Cloud CLI
0.3.1
Fixes
🐛 Fix login url not linked correctly.
Refactors
♻️ Refactor env vars creation.
🔥 Remove env vars from deploy workflow.
Internal
♻️ Log files added to archive in debug mode.
✅ Add test to make sure .fastapicloudignore can override .gitignore.
0.3.0
Features
✨ Add support for .fastapicloudignore file.
0.2.1
Features
✨ Add support for verification statuses.
python-rignore
0.7.1
Add support for overrides
0.7.0
Update PyO3 to 0.26
python-inline-snapshot
0.30.1 — 2025-10-20
Fixed
Disable ensure ascii in json.dump to support non-ASCII characters in external
files
0.30.0 — 2025-10-15
Added
The test-dir config option can now also be a list of paths
added (official) Python 3.14 support
0.29.4 — 2025-10-13
Changed
External.run_inline() now uses the same logic as External.run_pytest.
Fixed
inline-snapshot now supports different Python file encodings and recognizes
encoding comments such as # -*- coding: windows-1251 -*-
0.29.3 — 2025-10-04
Fixed
xdist is now detected properly.
0.29.2 — 2025-10-01
Fixed
fixed string formatting with black which caused invalid snapshots
rust-regex 1.11.3 (2025-09-25)
This is a small patch release with an improvement in memory usage in some
cases.
Improvements:
Improve memory usage by trimming excess memory capacity in some spots.
rust-speedate 0.17.0
feat: add new from float with config func
Derive Copy on Date, Time and DateTime
rust-astral-tokio-tar 0.5.6
Fixed a parser desynchronization vulnerability when reading tar archives that
  contain mismatched size information in PAX/ustar headers.
This vulnerability is being tracked as GHSA-j5gw-2vrg-8fgx
and CVE-2025-62518.
Update rust-regex-automata to 0.4.11
Update rust-serde_json to 1.0.145
Update rust-tikv-jemallocator and rust-tikv-jemalloc-sys to 0.6.1
Update python-pydantic-core to 2.41.4
Update openapi-python-client to 0.26.2 and patch it to allow ruff 0.14 and typer
0.20
Initial package for python-cron-converter
Initial packages for a number of new Rust library dependencies for ruff and uv
--------------------------------------------------------------------------------
ChangeLog:

* Thu Oct 16 2025 Benjamin A. Beasley <code@musicinmybrain.net> - 0.6.1-1
- Update to version 0.6.1
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2360699 - ruff-0.14.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2360699
  [ 2 ] Bug #2371174 - maturin-1.9.4 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2371174
  [ 3 ] Bug #2395006 - rust-serde_json-1.0.145 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2395006
  [ 4 ] Bug #2395167 - python-jiter-0.11.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2395167
  [ 5 ] Bug #2398117 - rust-regex-1.11.3 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2398117
  [ 6 ] Bug #2398118 - rust-regex-automata-0.4.11 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2398118
  [ 7 ] Bug #2398161 - fastapi-cloud-cli-0.2.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2398161
  [ 8 ] Bug #2400050 - python-fastapi-0.118.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2400050
  [ 9 ] Bug #2400578 - python-typing-inspection-0.4.2 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2400578
  [ 10 ] Bug #2400943 - python-inline-snapshot-0.29.2 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2400943
  [ 11 ] Bug #2401013 - python-rignore-0.7.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2401013
  [ 12 ] Bug #2401022 - fastapi-cloud-cli-0.3.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2401022
  [ 13 ] Bug #2401408 - maturin-1.9.6 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2401408
  [ 14 ] Bug #2401439 - python-inline-snapshot-0.29.3 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2401439
  [ 15 ] Bug #2402439 - python-pydantic-extra-types-2.10.6 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2402439
  [ 16 ] Bug #2402441 - rust-reqsign-core-2.0.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2402441
  [ 17 ] Bug #2402442 - rust-reqsign-command-execute-tokio-2.0.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2402442
  [ 18 ] Bug #2402443 - rust-reqsign-http-send-reqwest-2.0.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2402443
  [ 19 ] Bug #2402479 - python-fastapi-0.118.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2402479
  [ 20 ] Bug #2402494 - Review Request: python-cron-converter - Cron string parser and scheduler
for Python
        https://bugzilla.redhat.com/show_bug.cgi?id=2402494
  [ 21 ] Bug #2402517 - python-fastapi-0.118.2 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2402517
  [ 22 ] Bug #2402725 - fastapi-cloud-cli-0.3.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2402725
  [ 23 ] Bug #2402881 - python-uv-build-0.9.5 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2402881
  [ 24 ] Bug #2402923 - uv-0.9.5 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2402923
  [ 25 ] Bug #2403079 - python-fastapi-0.118.3 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2403079
  [ 26 ] Bug #2403294 - python-fastapi-0.119.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2403294
  [ 27 ] Bug #2403490 - python-inline-snapshot-0.29.4 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2403490
  [ 28 ] Bug #2403670 - python-pydantic-2.12.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2403670
  [ 29 ] Bug #2403839 - python-pydantic-2.12.2 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2403839
  [ 30 ] Bug #2404080 - python-inline-snapshot-0.30.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2404080
  [ 31 ] Bug #2404311 - python-rignore-0.7.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2404311
  [ 32 ] Bug #2404693 - python-jiter-0.11.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2404693
  [ 33 ] Bug #2404731 - python-pydantic-2.12.3 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2404731
  [ 34 ] Bug #2405079 - python-fastapi-0.119.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2405079
  [ 35 ] Bug #2405080 - python-inline-snapshot-0.30.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2405080
  [ 36 ] Bug #2405109 - fastapi-cli-0.0.14 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2405109
  [ 37 ] Bug #2405172 - python-typer-0.20.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2405172
  [ 38 ] Bug #2406135 - ruff-0.14.2 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2406135
  [ 39 ] Bug #2406610 - python-fastapi-0.120.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2406610
  [ 40 ] Bug #2406784 - python-starlette-0.49.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2406784
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-4154ea83d0' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgr...

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------



Attachment: None (type=text/plain)
-- 
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-cond...
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/package-ann...
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue