Sudo could be made to bypass host restrictions.
Comment
Archive for June, 2025
144 results.
Several security issues were fixed in the Linux kernel.
Rich Mirch discovered that sudo, a program designed to provide limited super user privileges to specific users, does not correctly handle the host (-h or –host) option. Due to a bug the host option was not restricted to listing privileges only and could be used when running a
USN-7582-1 introduced a regression in Samba.
Update to 138.0.7204.49 CVE-2025-6555: Use after free in Animation CVE-2025-6556: Insufficient policy enforcement in Loader CVE-2025-6557: Insufficient data validation in DevTools
Several vulnerabilities were discovered in catdoc, a text extractor for MS-Office files, which may result in denial of service or the execution of arbitrary code if a specially crafted file is processed.
Resolves CVE-2024-38824 RHBZ#2372731 Resolves CVE-2024-38824 RHBZ#2372733 Resolves CVE-2025-22239 RHBZ#2372732 Resolves CVE-2025-22239 RHBZ#2372734 Resolves CVE-2025-22236 RHBZ#2372774
Update to version 0.16.1 for various bugfixes. This also fixes CVE-2025-22872 in the bundled golang.org/x/net/html.
Resolves CVE-2024-38824 RHBZ#2372731 Resolves CVE-2024-38824 RHBZ#2372733 Resolves CVE-2025-22239 RHBZ#2372732 Resolves CVE-2025-22239 RHBZ#2372734 Resolves CVE-2025-22236 RHBZ#2372774
Update to release v1.32.6
Update to release v1.32.6
Update to version 0.16.1 for various bugfixes. This also fixes CVE-2025-22872 in the bundled golang.org/x/net/html.
Automatic update for podman-5.5.2-1.fc41. security fix for CVE-2025-6032 Changelog for podman * Tue Jun 24 2025 Packit
Update to 138.0.7204.49 CVE-2025-6555: Use after free in Animation CVE-2025-6556: Insufficient policy enforcement in Loader CVE-2025-6557: Insufficient data validation in DevTools
Update to 3.13.5, this release fixes the following CVEs: CVE 2024-12718, CVE 2025-4138, CVE 2025-4330, CVE-2025-4435, and CVE 2025-4517
WordCamp US 2025 is heading to vibrant Portland, Oregon, from August 26–29, 2025! Join fellow open source enthusiasts, developers, designers, and WordPress professionals from across the United States and around the world for four days of learning, networking, and collaboration at the Oregon Convention Center. Nestled in the Pacific Northwest, Portland is famous for its […]
Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.
Update to version 2.1.1 for various bugfixes. This also fixes CVE-2025-22872 in the bundled golang.org/x/net/html.
Latest release.
A buffer overflow was discovered in the International Components for Unicode (ICU) library. For the stable distribution (bookworm), this problem has been fixed in
pip could be made to expose sensitive information over the network.
libxslt could be made to expose sensitive information.
Several security issues were fixed in libarchive.
Several security issues were fixed in the Linux kernel.
Several security issues were fixed in the Linux kernel.
Several security issues were fixed in the Linux kernel.
xorg-x11-server CVE fix for CVE-2025-49175, CVE-2025-49176, CVE-2025-49177, CVE-2025-49178, CVE-2025-49179, CVE-2025-49180
Updated to latest upstream (140.0)