The newest upstream commit Security fixes for CVE-2023-48233, CVE-2023-48231, CVE-2023-48232, CVE-2023-48234, CVE-2023-48235, CVE-2023-48236, CVE-2023-48237.
Archive for Fedora Linux Distribution – Security Advisories
Fedora 37: microcode_ctl 2023-40e71fe5b9
– Update to upstream 2.1-42. 20231114 – Update of 06-6a-06/0x87 (ICX-SP D0) microcode from revision 0xd0003a5 up to 0xd0003b9; – Update of 06-6c-01/0x10 (ICL-D B0) microcode from revision 0x1000230 up to 0x1000268; – Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0xbc up to 0xc2; – Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode from revision
This is an extended update of the OpenVPN 2.6.7 release which contains security fixes for CVE-2023-46849 and CVE-2023-46850. That release had a regression causing the `openvpn` daemon to segfault frequently; which is why the 2.6.7 release was pulled. This 2.6.8 release contains a fix for the regression issue as well.
update to 119.0.6045.159, upstream security release – High CVE-2023-5997, use after free in Garbage Collection – High CVE-2023-6112, use after free in Navigation —- Fix bz#2240127, audio/video decode issue in chromium
Patch for CVE-2022-24599
Patch for CVE-2022-24599
– Updated to latest upstream (120.0)
Fedora 38: prometheus-podman-exporter 2023-b43faebc9f
release v1.5.0 + security fix for CVE-2023-39325
Fedora 38: podman-tui 2023-e359fd31d2
podman-tui v0.12.0 + security fix for CVE-2023-39325 and CVE-2022-41717 and CVE-2022-41723
Includes security fixes to the path/filepath package, as well as bug fixes to the linker, the runtime, the compiler, and the go/types, net/http, and runtime/cgo packages. [See the whole changelog here](https://go.dev/doc/devel/release).
Includes security fixes to the path/filepath package, as well as bug fixes to the linker, the runtime, the compiler, and the go/types, net/http, and runtime/cgo packages. [See the whole changelog here](https://go.dev/doc/devel/release).
Fedora 39: gstreamer1-vaapi 2023-6a4aea6d13
1.22.7
Fedora 39: gstreamer1-plugins-ugly-free 2023-6a4aea6d13
1.22.7
Fedora 39: microcode_ctl 2023-e4cb865604
– Update to upstream 2.1-42. 20231114 – Update of 06-6a-06/0x87 (ICX-SP D0) microcode from revision 0xd0003a5 up to 0xd0003b9; – Update of 06-6c-01/0x10 (ICL-D B0) microcode from revision 0x1000230 up to 0x1000268; – Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0xbc up to 0xc2; – Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode from revision
Fedora 38: microcode_ctl 2023-3dfc0123b0
– Update to upstream 2.1-42. 20231114 – Update of 06-6a-06/0x87 (ICX-SP D0) microcode from revision 0xd0003a5 up to 0xd0003b9; – Update of 06-6c-01/0x10 (ICL-D B0) microcode from revision 0x1000230 up to 0x1000268; – Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0xbc up to 0xc2; – Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode from revision
Fix for CVE-2023-39325
Fixes CVEs reported against Xserver.
New version 8.5.3.
New version 8.5.3.
Fedora 38: roundcubemail 2023-0fd9865145
**Release 1.6.5** – Fix PHP8 fatal error when parsing a malformed BODYSTRUCTURE (#9171) – Fix duplicated Inbox folder on IMAP servers that do not use Inbox folder with all capital letters (#9166) – Fix PHP warnings (#9174) – Fix UI issue when dealing with an invalid managesieve_default_headers value (#9175) – Fix bug where images attached to application/smil messages weren’t displayed
* Bump Safari version in user agent header. * Fix blob URL regression that broke many websites. * Fix several crashes and rendering issues. * Fix CVE-2023-41983 and CVE-2023-42852
update to 119.0.6045.123. Security fix for CVE-2023-5996 —- update to 119.0.6045.105. Security fixes: High CVE-2023-5480: Inappropriate implementation in Payments. High CVE-2023-5482: Insufficient data validation in USB. High CVE-2023-5849: Integer overflow in USB. Medium CVE-2023-5850: Incorrect security UI in Downloads. Medium CVE-2023-5851:
Update to 0.7.8 Security fix for CVE-2023-43907
Fixes CVEs reported against Xserver.
Fedora 38: python-pillow 2023-1a120657f9
Update to 9.5.0, backport fix for CVE-2023-44271.
Backport upstream fixes – Fixes: CVE-2023-38200 – Fixes: CVE-2023-38201
Fedora 38: community-mysql 2023-9ff7fd16a0
**MySQL 8.0.35** Release notes: https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-35.html
Fedora 38: matrix-synapse 2023-f8d216faed
Update to 1.95.1 (CVE-2023-43796) —- Update to v1.95.0
Fedora 39: community-mysql 2023-e7aa13efc5
**MySQL 8.0.35** Release notes: https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-35.html
Fedora 39: matrix-synapse 2023-957972e77c
Update to 1.95.1 (CVE-2023-43796) —- Update to v1.95.0