The 6.7.11 stable kernel update contains a number of important fixes across the tree.
Archive for Fedora Linux Distribution – Security Advisories
Update to 2.53.18.2
Update to 2.53.18.2
Update to 2.53.18.2
Fedora 38: prometheus-podman-exporter 2024-45f0a1df95
release v1.11.0 release v1.10.1 release v1.10.0
These are bug fix and security releases including MODERATE, HIGH, and CRITICAL issues.
Security fix for CVE-2023-35936 and CVE-2023-38745 pandoc: backport fixes for CVE-2023-35936 and CVE-2023-38745 base64 now packaged in Fedora
Security fix for CVE-2023-35936 and CVE-2023-38745 pandoc: backport fixes for CVE-2023-35936 and CVE-2023-38745 base64 now packaged in Fedora
Security fix for CVE-2023-35936 and CVE-2023-38745 pandoc: backport fixes for CVE-2023-35936 and CVE-2023-38745 base64 now packaged in Fedora
podman-tui release v1.0.0 Security fix for [CVE-2024-28180]
x86: Register File Data Sampling [XSA-452, CVE-2023-28746] GhostRace: Speculative Race Conditions [XSA-453, CVE-2024-2193]
podman-tui release v1.0.0
Version 6.7.4 (2024-03-21) Upgrade tcpdf tag encryption algorithm. Version 6.7.3 (2024-03-20) Fix regression issue #699. Version 6.7.2 (2024-03-18)
Update to 115.9.0 https://www.mozilla.org/en-US/security/advisories/mfsa2024-14/ https://www.thunderbird.net/en-US/thunderbird/115.9.0/releasenotes/
Fedora 38: python-pygments 2024-8eaf80107a
Security fix for CVE-2022-40896
Added upstream patch to fix out-of-bounds access due to multiple backspaces to address incomplete fix for CVE-2022-38223 (#2222775, #2222780, #2255207)
Added upstream patch to fix out-of-bounds access due to multiple backspaces to address incomplete fix for CVE-2022-38223 (#2222775, #2222780, #2255207)
Security fix for CVE-2024-1753 Automatic update for podman-5.0.0-1.fc40. Changelog for podman * Tue Mar 19 2024 Packit
Security fix for CVE-2024-1753 Automatic update for podman-5.0.0-1.fc40. Changelog for podman * Tue Mar 19 2024 Packit
Update to 2.44.0 CVE-2024-23263, CVE-2024-23280, CVE-2024-23284
New upstream version (124.0.1)
Patch CVE-2023-4256 and CVE-2023-43279
Updates google.golang.org/protobuf to v1.33.0 to resolve CVE-2024-24786. Kubernetes is now built with go 1.21.8.
Update to version 2.13.1 Fix CVE-2024-28054
update to xen-4.18.1 rebase xen.gcc12.fixes.patch remove patches now included or superceded upstream x86: Register File Data Sampling [XSA-452, CVE-2023-28746] GhostRace: Speculative Race Conditions [XSA-453, CVE-2024-2193]
Security fix for CVE-2024-2182 ovn: insufficient validation of BFD packets may lead to denial of service [fedora-all]
Update to 123.0.6312.58 * High CVE-2024-2625: Object lifecycle issue in V8 * Medium CVE-2024-2626: Out of bounds read in Swiftshader * Medium CVE-2024-2627: Use after free in Canvas * Medium CVE-2024-2628: Inappropriate implementation in Downloads
Upgrade to 2.44.0: Make the DOM accessibility tree reachable from UI process with GTK4. Removed the X11 and WPE renderers in favor of DMA-BUF. Improved vblank synchronization when rendering. Removed key event reinjection in GTK4 to make keyboard shortcuts work in web
Update to upstream 1.3.0, and security fixes for CVE-2024-28176 and CVE-2024-28180
Updated to 124.0