The 6.3.7 stable kernel update contains a number of important fixes across the tree.
Archive for Fedora Linux Distribution – Security Advisories
update to 114.0.5735.106. Fixes the following security issue: CVE-2023-3709
Update to 102.12.0 ; https://www.thunderbird.net/en- US/thunderbird/102.12.0/releasenotes/ ; https://www.thunderbird.net/en- US/thunderbird/102.11.2/releasenotes/ ; https://www.thunderbird.net/en- US/thunderbird/102.11.1/releasenotes/ ; https://www.thunderbird.net/en- US/thunderbird/102.11.0/releasenotes/
**MariaDB 10.5.20** Release notes: https://mariadb.com/kb/en/mariadb-10-5-20-release-notes/
– Updated to latest upstream (114.0)
– fix more POST-after-PUT confusion (CVE-2023-28322) – fix IDN wildcard match (CVE-2023-28321)
Update to 1.14.8
Security fix for CVE-2023-24329
Update to requests-2.31.0.
Fix CVE-2023-32700
Rebase to upstream version 3.0.9
Rebase to upstream version 3.0.9
Update to 7.1.1.11 (#2210875) —- Update to 7.1.1.10 (#2207788) Security fix for CVE-2023-34151 Security fix for CVE-2023-34152 Security fix for CVE-2023-34153
* Fix scrollbar jumping to top when drag released outside window in GTK 4. * Fix video rendering when GL is disabled. * Fix flickering on looped videos when starting again. * Fix CPU usage on autoplaying videos. * Choose amount of painting threads depending on available CPU cores on GTK 4. * Fix several crashes and rendering issues. * Fix CVE-2023-28204 and CVE-2023-32373.
* Fix scrollbar jumping to top when drag released outside window in GTK 4. * Fix video rendering when GL is disabled. * Fix flickering on looped videos when starting again. * Fix CPU usage on autoplaying videos. * Choose amount of painting threads depending on available CPU cores on GTK 4. * Fix several crashes and rendering issues. * Fix CVE-2023-28204 and CVE-2023-32373.
Update to version 24.1.
include latest dbx update (may 9th, black lotus edition). —- drop ASSERT from NestedInterruptTplLib (rhbz#2183336).
Security fix for CVE-2023-0341: update to 0.12.6 (close RHBZ#2162811)
Security fix for CVE-2023-24329
Security fix for CVE-2023-24329
Fix for CVE-2023-24329
Security fix for CVE-2023-24329
– Update to upstream 2.1-40. 20230516 – Addition of 06-6c-01/0x10 (ICL-D B0) microcode at revision 0x1000230; – Addition of 06-8f-04/0x87 (SPR-SP E0/S1) microcode at revision 0x2b000461; – Addition of 06-8f-04/0x10 microcode at revision 0x2c0001d1; – Addition of 06-8f-05/0x87 (SPR-SP E2) microcode (in intel-ucode/06-8f-04) at revision 0x2b000461; – Addition of 06-8f-05/0x10
Update bottles to 51.6 and release final dependency vkbasalt-cli
Update bottles to 51.6 and release final dependency vkbasalt-cli
Update to 1.19.1. Fixes CVE-2023-32067, CVE-2023-31130, CVE-2023-31147, CVE-2023-31124
Update to 0.10.5 (CVE-2023-1667 CVE-2023-2283)
– Update the sequoia-openpgp crate to version 1.16.0. – Update the nettle crate to version 7.3.0. – Update the nettle-sys crate to version 2.2.0. – Update the buffered-reader crate to version 1.2.0. Version 1.16.0 of the sequoia-openpgp crate fixes some issues in parsing code, which could lead to attempted out-of- bounds accesses that result in crashes due to bounds checks which are included
– Update the sequoia-openpgp crate to version 1.16.0. – Update the nettle crate to version 7.3.0. – Update the nettle-sys crate to version 2.2.0. – Update the buffered-reader crate to version 1.2.0. Version 1.16.0 of the sequoia-openpgp crate fixes some issues in parsing code, which could lead to attempted out-of- bounds accesses that result in crashes due to bounds checks which are included
Update to 1.19.1. Fixes CVE-2023-32067, CVE-2023-31130, CVE-2023-31147, CVE-2023-31124