Update to WebKitGTK 2.46.6: Fix a crash when enabling Skia CPU rendering. Fix several crashes and rendering issues. Fix CVE-2024-54543, CVE-2025-24143, CVE-2025-24150, CVE-2025-24158, CVE-2025-24162
Archive for February, 2025
Changes with nginx 1.26.3, 05 Feb 2025: *) Security: insufficient check in virtual servers handling with TLSv1.3 SNI allowed to reuse SSL sessions in a different virtual server, to bypass client SSL certificates verification (CVE-2025-23419). *) Bugfix: in the ngx_http_mp4_module.
The first major WordCamp of the year is here! WordCamp Asia 2025 lands in Manila, Philippines, from February 20-22, bringing together open source enthusiasts, developers, and WordPress professionals from across the region—and the world. With three packed days of learning, networking, and collaboration, this year’s event promises fresh insights, dynamic discussions, and plenty of opportunities […]
Several security issues were fixed in Apache ActiveMQ.
Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.
Rebase to 3.2.4, fix CVE-2024-12797
Update to 3.13.2. Statically build the _datetime module into libpython. This fixes a segfault when importing it from Python 3.13.0 updated to 3.13.1+ while running.
libsndfile could be made to crash if it opened a specially crafted file.
USN-6846-2 caused some regression in ansible.
USN-7256-1 caused some minor regressions in Ruby.
Several security issues were fixed in digiKam.
Security fix for CVE-2025-0938
Several security issues were fixed in the Linux kernel.
The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2025-24143
Two vulnerabilities were discovered in pam-pkcs11, a PAM module which allows the use of PKCS#11-based smart cards in the PAM authentication stack, which may allow authentication to be bypassed in some scenarios.
BlueZ could be made to crash or run programs as your login if it received specially crafted Bluetooth requests.
January CPU 2025
Update to 133.0.6943.53. CVE-2025-0444: Use after free in Skia; CVE-2025-0445: Use after free in V8; CVE-2025-0451: Inappropriate implementation in Extensions API.
Several security issues were fixed in OpenSSL.
WordPress 6.7.2 is now available! This minor release includes 35 bug fixes, addressing issues affecting multiple components including the block editor, HTML API, and Customize. WordPress 6.7.2 is a short-cycle release. The next major release will be version 6.8 planned for April 15, 2025. If you have sites that support automatic background updates, the update […]
Several security issues were fixed in Firefox.
Bing Shi reported a flaw in Libtasn1, a library to manage ASN.1 structures. Inefficient processing of input DER data containing a large number of SEQUENCE OF or SET OF elements may result in a denial of service.
Ruby could be made to crash or run programs as your login if it opened a specially crafted file.
Multiple security vulnerabilities have been discovered in Cacti, a web interface for graphing of monitoring systems, which could result in cross-site scripting, SQL injection, or command injection.
GNU C Library could be made to crash or run programs if it received specially crafted input.