This release fixes a heap buffer underread in indent tool when processing a code in which an opening parenthesis follows a comment with a text.
Archive for Fedora Linux Distribution – Security Advisories
The 6.6.14 stable kernel update contains a number of important fixes across the tree.
This release fixes a heap buffer underread in indent tool when processing a code in which an opening parenthesis follows a comment with a text.
update to 121.0.6167.139 * High CVE-2024-1060: Use after free in Canvas * High CVE-2024-1059: Use after free in WebRTC * High CVE-2024-1077: Use after free in Network
Update of jupyterlab and notebook including fix for CVE-2024-22420 .
Fedora 39: thunderbird 2024-c8c2a52fb8
Update to 115.7.0 * https://www.mozilla.org/en- US/security/advisories/mfsa2024-04/ * https://www.thunderbird.net/en- US/thunderbird/115.7.0/releasenotes/
Security fix for CVE-2023-6246, CVE-2023-6779, and CVE-2023-6780. CVE-2023-6246: __vsyslog_internal did not handle a case where printing a SYSLOG_HEADER containing a long program name failed to update the required buffer size, leading to the allocation and overflow of a too-small buffer on the heap. CVE-2023-6779: __vsyslog_internal used the return value of
Update to newer ncurses version, which fixes CVE-2023-29491 and CVE-2023-50495.
Fedora 39: selinux-policy 2024-334b3be641
New F39 selinux-policy build
Fedora 39: python-templated-dictionary 2024-f69989e7dd
Fixing CVE-2023-6395
Fedora 38: prometheus-podman-exporter 2024-3fd1bc9276
Security fix for CVE-2023-48795
Rebase gnutls to version 3.8.3
Fedora 39: prometheus-podman-exporter 2024-a53b24023d
Security fix for CVE-2023-48795
Rabase to 1.9.15p5
Fedora 38: python-jinja2 2024-604e4c3509
Security fix for CVE-2024-22195
– update to 1.26.2 – fix security security advisory
This is the January 2024 update for .NET 8. Release Notes: https://github.com/dotnet/core/blob/main/release-notes/8.0/8.0.1/8.0.1.md
– Updated to new upstream (122.0)
This is the January 2024 update for .NET 7. Release Notes: https://github.com/dotnet/core/blob/main/release-notes/7.0/7.0.15/7.0.15.md
Fedora 39: ansible-core 2024-0d894565a0
Mitigate CVE-2024-0690
Fedora 38: mingw-jasper 2024-b5b85798cd
Backport fix for CVE-2023-51257.
Fedora 38: golang-github-facebook-time 2024-f99ecead66
Security fix for CVE-2023-39325
update to 120.0.6099.224 – High CVE-2024-0517: Out of bounds write in V8 – High CVE-2024-0518: Type Confusion in V8 – High CVE-2024-0519: Out of bounds memory access in V8
Cumulative bug-fix update. This update includes fixes for multiple security issues found by Talos in which specially crafted input files could lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.
Fedora 39: golang-x-text 2024-b85b97c0e9
update to v0.14.0, address CVE-2023-39325
Update to 6.0.25
Update to 6.0.25
Update to 1.4.16. Fixes CVE-2023-6277 (in bundled libtiff).
Fedora 39: python-flask-security-too 2024-f34963bef8
Backport fix for CVE-2023-49438.
Update to 1.4.16. Fixes CVE-2023-6277 (in bundled libtiff).