This release fixes CVE-2024-13939 (leaking the length of a secret string)
Comment
Archive for April, 2025
152 results.
Update the openssl crate to version 0.10.72. Update the openssl-sys crate to version 0.9.107. This update addresses CVE-2025-3416 / RUSTSEC-2025-0022 (a possible use-after- free issue in two public functions). A survey of dependent packages in Fedora shows that none of them use the affected API, or do not use them in a way that
It was discovered that mod_auth_openidc, an OpenID Certified authentication and authorization module for the Apache HTTP server that implements the OpenID Connect Relying Party functionality, was susceptible to information disclosure in some configurations
Several security issues were fixed in Ruby.
Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.
See https://projects.ow2.org/view/lemonldap-ng/lemonldap-ng-2-21-0-is-out/
Version 6.9.1 (2025-04-03) Fixed Path Traversal security vulnerability reported by Positive Technologies. Version 6.9.0 (2025-03-30) Added PHP 8.4 testing. Removed tcpdf_import.php and tcpdf_parser.php files (for a parser check the tc-
This releases preserves enablement state of dnf-automatic.timer when upgrading to Fedora 41.
MariaDB 10.11.11 Release notes: https://mariadb.com/kb/en/mariadb-10-11-11-release-notes/
Several security issues were fixed in QuickJS.
Several security issues were fixed in 7-Zip.
docker.io could allow unintended access to network services
WordPress 6.8 “Cecil”
Apr15
WordPress 6.8, code-named “Cecil,” refines your creative workflow with a streamlined Style Book, now available in select Classic themes. Enjoy faster navigation via speculative loading, stronger security with bcrypt password hashing, and over 100 accessibility improvements. With thoughtful editor upgrades and behind-the-scenes performance boosts, 6.8 delivers polish, power, and precision.
Several security issues were fixed in CImg.
Several security issues were fixed in WebKitGTK.
WordCamp Europe 2025 will be held in gorgeous Basel, Switzerland, from June 5 to 7. It will bring together open source enthusiasts, developers, and WordPress professionals from across the region—and the world! This year’s event offers fresh perspectives, engaging conversations, and countless opportunities to connect with the WordPress community, agencies, and innovators over three action-packed […]
Protocol Buffers could be made to crash if it received specially crafted input.
Perl could be made to crash or run programs if it processed specially crafted data.
Several security issues were fixed in GraphicsMagick.
Nathan Mills discovered a heap-based buffer overflow vulnerability in the implementation of the Perl programming language when transliterating non-ASCII bytes with tr///, which may result in denial of service, or potentially the execution of arbitrary code.
Multiple security issues were discovered in MediaWiki, a website engine for collaborative work, which could result in information disclosure, cross-site scripting or restriction bypass.
Update to 135.0.7049.84 * CVE-2025-3066: Use after free in Site Isolation
Update to 135.0.7049.84 * CVE-2025-3066: Use after free in Site Isolation
Update to 6.0.39 (CVE-2024-45700, CVE-2024-36469, CVE-2024-42325, CVE-2024-45699)
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
Update to 1.34.5. Fixes CVE-2025-31498.
Update to upstream OpenVPN 2.6.14 Fixes CVE-2025-2704
Update to 7.2.5 (CVE-2024-36469, CVE-2024-42325, CVE-2024-45700)
Update to 135.0.7049.52 High CVE-2025-3066: Use after free in Navigations Medium CVE-2025-3067: Inappropriate implementation in Custom Tabs Medium CVE-2025-3068: Inappropriate implementation in Intents Medium CVE-2025-3069: Inappropriate implementation in Extensions