Update to version 18.20.6 (rhbz#2341760) (rhbz#2340936) (rhbz#2300997) Resolves CVE-2025-23084
Comment
Archive for Fedora Linux Distribution – Security Advisories
2744 results.
[Security][CVE-2024-52948] CSRF on 2FA registration [Security] Open redirect vulnerability in logout
phpMyAdmin 5.2.2 is released Welcome to the release of phpMyAdmin version 5.2.2, the “I should have released this sooner” release. This is primarily a bugfix release but also contains a few security fixes as noted below. fix possible security issue in sql-parser which could cause long execution times
This is the January 2025 security and bugfix release for .NET 8.0. It updates the SDK to version 8.0.112 and Runtime to version 8.0.12. Release Notes: SDK: https://github.com/dotnet/core/blob/main/release- notes/8.0/8.0.12/8.0.112.md
This is the January 2025 security and bugfix release for .NET 9.0. It updates the SDK to version 9.0.102 and Runtime to version 9.0.1. Release Notes: https://github.com/dotnet/core/blob/main/release- notes/9.0/9.0.1/9.0.1.md
fix VW_VERSION in compiled code, patch security issues
Includes security fixes to the crypto/x509 and net/http packages
This update addresses two security vulnerabilities: * CVE-2025-0395: A buffer overflow may occur in the assert function with certain large program names and assert expressions. * CVE-2025-0577: getrandom, arc4random can produce predictable randomness if a multi-threaded program creates additional threads after fork.
This update addresses two security vulnerabilities: * CVE-2025-0395: A buffer overflow may occur in the assert function with certain large program names and assert expressions. * CVE-2025-0577: getrandom, arc4random can produce predictable randomness if a multi-threaded program creates additional threads after fork.
CVE-2024-11029 Release note: https://www.freeipa.org/release-notes/4-12-3.html
CVE-2024-11029 Release note: https://www.freeipa.org/release-notes/4-12-3.html
https://lists.wikimedia.org/hyperkitty/list/wikitech- [email protected]/thread/PFTE5RHUERS6KTUGGRZO7XXV5THNJ77E/ https://lists.wikimedia.org/hyperkitty/list/mediawiki- [email protected]/thread/5NYC4UZLY3MWQZ6DYJAUQRJG2ZHZFBJ6/
Update to 132.0.6834.110 High CVE-2025-0611: Object corruption in V8 High CVE-2025-0612: Out of bounds memory access in V8
New upstream update (132.0)
Update to 1.23.0
fix CVE-2024-7006 (rhbz#2302997) fix CVE-2023-52356 (rhbz#2260112) fix CVE-2023-6228 (rhbz#2251863)
Update pyo3 to version 0.22.4. This version addresses a potential use-after-free RUSTSEC-2024-0378.
Security fix for CVE-2024-47874. Starlette 0.40.0 (October 15, 2024) This release fixes a Denial of service (DoS) via multipart/form-data requests. You can view the full security advisory: GHSA-f96h-pmfr-66vw
Update pyo3 to version 0.22.4. This version addresses a potential use-after-free RUSTSEC-2024-0378.
This is the October 2024 monthly update for .NET 6. Release Notes: SDK: https://github.com/dotnet/core/blob/main/release- notes/6.0/6.0.35/6.0.135.md Runtime: https://github.com/dotnet/core/blob/main/release-
Security fix for CVE-2024-47874. Starlette 0.40.0 (October 15, 2024) This release fixes a Denial of service (DoS) via multipart/form-data requests. You can view the full security advisory: GHSA-f96h-pmfr-66vw
Various security, performance, accuracy, and stability issues have been fixed.
New version 4.2.8 Fix for CVE-2024-9781
Update to 130.0.6723.58 * High CVE-2024-9954: Use after free in AI * Medium CVE-2024-9955: Use after free in Web Authentication * Medium CVE-2024-9956: Inappropriate implementation in Web Authentication * Medium CVE-2024-9957: Use after free in UI
Fixes possible denial of service attack on untrusted input
Automatic update for buildah-1.37.5-1.fc41. Changelog for buildah * Fri Oct 18 2024 Packit
Automatic update for buildah-1.37.5-1.fc41. Changelog for buildah * Fri Oct 18 2024 Packit
Automatic update for buildah-1.37.5-1.fc41. Changelog for buildah * Fri Oct 18 2024 Packit
Update the hyper-rustls crate to version 0.27.3. Update the reqwest crate to version 0.12.8. Update the rustls-native-certs crate to version 0.8.0 and add a compat package for version 0.7. Update the tonic, tonic-build, and tonic-types crates to version 0.12.3.
Fix for CVE-2024-48957 Automatic update for libarchive-3.7.2-6.fc40.