CVE fix for CVE-2024-31080, CVE-2024-31081, CVE-2024-31083, and a fix for a regression introduced with the fix for CVE-2024-31083
Archive for Fedora Linux Distribution – Security Advisories
Update to 20240116.2: fixes possible out-of-bounds string access as described in https://github.com/abseil/abseil-cpp/pull/1650.
Update to idna-3.7.
Security fix for CVE-2023-4692 Security fix for CVE-2023-4693 Fri Apr 12 2024 Nicolas Frayer [email protected] – 2.06-121 fs/xfs: Handle non-continuous data blocks in directory extents Related: #2254370
Update to latest upstream version 1.7.17 (closes rhbz#2255953)
update to 124.0.6367.60 High CVE-2024-3832: Object corruption in V8 High CVE-2024-3833: Object corruption in WebAssembly High CVE-2024-3914: Use after free in V8 High CVE-2024-3834: Use after free in Downloads
update to 124.0.6367.60 High CVE-2024-3832: Object corruption in V8 High CVE-2024-3833: Object corruption in WebAssembly High CVE-2024-3914: Use after free in V8 High CVE-2024-3834: Use after free in Downloads
New upstream release (125.0)
Update llhttp to 9.2.1, fixing CVE-2024-27982. Additionally, llhttp 9.2.0 contained a number of bug fixes. Backport llhttp 9.2.1 support to python-aiohttp 3.9.3.
Update llhttp to 9.2.1, fixing CVE-2024-27982. Additionally, llhttp 9.2.0 contained a number of bug fixes. Backport llhttp 9.2.1 support to python-aiohttp 3.9.3.
New upstream release (125.0) New upstream release (124.0.2)
This update includes httpd version 2.4.59, fixing various security issues and bugs. See https://downloads.apache.org/httpd/CHANGES_2.4.59 for complete details of the changes in this release.
sosreport: Fix command injection with crafted report names [CVE-2024-2947]
Fix for CVE-2024-31497
New upstream release (125.0)
The 6.8.6 stable kernel update contains a number of important fixes across the tree.
1.28.1 fixes a significant bug in 1.28.0. Update to 1.28.0. Also fixes CVE-2024-25629.
1.28.1 fixes a significant bug in 1.28.0. Update to 1.28.0. Also fixes CVE-2024-25629.
update to 123.0.6312.122 * High CVE-2024-3157: Out of bounds write in Compositing * High CVE-2024-3516: Heap buffer overflow in ANGLE * High CVE-2024-3515: Use after free in Dawn
The 6.8.5 stable kernel update contains a number of important fixes across the tree.
update to 123.0.6312.122 * High CVE-2024-3157: Out of bounds write in Compositing * High CVE-2024-3516: Heap buffer overflow in ANGLE * High CVE-2024-3515: Use after free in Dawn
Bring all current releases from either version 0.7.3 or 0.6.12 to version 0.7.6 for more bug-fixes and also as to resolve potential security issues: https://lib.openmpt.org/libopenmpt/news/
Security fix for CVE-2024-24576 (Windows command injection)
Update to upstream 9.2.4, resolves CVE-2024-31309 (CONTINUATION frames DoS)
Update to upstream 9.2.4, resolves CVE-2024-31309 (CONTINUATION frames DoS)
This is the March 2024 update for .NET 7. Release Notes: https://github.com/dotnet/core/blob/main/release- notes/7.0/7.0.17/7.0.17.md
This is the March 2024 update for .NET 7. Release Notes: https://github.com/dotnet/core/blob/main/release- notes/7.0/7.0.17/7.0.17.md
Update to 10.3.0.
This is the March 2024 monthly update for .NET 8 for Fedora. Release Notes: https://github.com/dotnet/core/blob/main/release- notes/8.0/8.0.3/8.0.3.md