update to 2.40.1 (CVE-2023-25652, CVE-2023-25815, CVE-2023-29007) Refer to the release notes for 2.30.9 for details of each CVE as well as the following security advisories from the git project: https://github.com/git/git/security/advisories/GHSA-2hvf-7c8p-28fx (CVE-2023-25652)
Archive for Fedora Linux Distribution – Security Advisories
Fixes for CVE-2023-30943 and CVE-2023-30944.
– Update to latest 3.2 release – Security fix for CVE-2023-31047 – Provide python3-django so it can be used by dependents that do not use the python3.Xdist(django) for requesting it
– Updated to latest upstream (113.0)
Patch for CVE-2023-1729.
update to 113.0.5672.64. Fixes the following security issues: CVE-2023-2459 CVE-2023-2460 CVE-2023-2461 CVE-2023-2462 CVE-2023-2463 CVE-2023-2464 CVE-2023-2465 CVE-2023-2466 CVE-2023-2467 CVE-2023-2468
A security flaw was found in redcarpet: HTML escaping was not properly done in some cases, even when requested, which may cause an XSS vulnerability. This issue has been assigned CVE-2020-26298. This new rpm should fix this issue.
– digiKam-8.0.0 – enabled MediaPlayer – Security fix for CVE-2023-1729 https://www.digikam.org/news/2023-04-16-8.0.0_release_announcement/
Recent updates for the `tokio`, `h2`, and `openssl` crates addressed some (potential or confirmed) security or soundness issues: – `tokio`: [RUSTSEC-2023-0005](https://rustsec.org/advisories/RUSTSEC-2023-0005.html) – `h2`: [RUSTSEC-2023-0034](https://rustsec.org/advisories/RUSTSEC-2023-0034.html) / [CVE-2023-26964](https://nvd.nist.gov/vuln/detail/CVE-2023-26964) – `openssl`:
Fixes an incompatibility with AOM v3.6.0 and includes a couple of smaller fixes. Also fixes a stack overflow with some crafted images (CVE-2023-29659).
Updated to the Java April security update.
Update to 1.21.1 (resolve rhbz#2182365)
update to 112.0.5615.165. Fixes the following security issues: CVE-2023-2004 CVE-2023-2133 CVE-2023-2134 CVE-2023-2135 CVE-2023-2136 CVE-2023-2137 CVE-2023-2033 CVE-2023-2136
* The Bubblewrap sandbox no longer requires setting an application identifier via GApplication to operate correctly. Using GApplication is still recommended, but optional. * Adjust the scrolling speed for mouse wheels to make it feel more natural. * Allow pasting content using the Asynchronous Clipboard API when the origin is the same as the clipboard contents. * Improvements to the
Security fix for CVE-2022-40897
Update to 102.10.0 ; https://www.mozilla.org/en-US/security/advisories/mfsa2023-15/ ; https://www.thunderbird.net/en-US/thunderbird/102.10.0/releasenotes/
– Update comrak to version 0.18.0. – Disable the unused markdown support in askama and askama_shared crates, which depends on an ancient version of comrak. This update also includes fixes for two medium-severity security issues in comrak (CVE-2023-28631 and CVE-2023-28626).
x86 shadow paging arbitrary pointer dereference [XSA-430, CVE-2022-42335]
**Redis 6.2.12** Released Mon Apr 17 16:00:00 IST 2023 Upgrade urgency: SECURITY, contains fixes to security issues. Security Fixes: * (**CVE-2023-28856**) Authenticated users can use the HINCRBYFLOAT command to create an invalid hash field that will crash Redis on access Bug Fixes * Fix CLIENT REPLY OFF|SKIP to not silence push notifications (#11875) * Disconnect