This update takes caddy from 2.5.2 to 2.6.4. The primary purpose is to resolve a long standing FTBFS related to golang 1.20. The current F38 package is actually a carried-foward F37 build because of that reason. It also resolves CVE-2022-41721. This is a fairly significant upgrade with lots of new features and fixes, but after reviewing the upstream release notes I believe it should
Archive for Fedora Linux Distribution – Security Advisories
Update to latest upstream git snapshot. Various changes, including bug fix for cookie leak vulnerability.
Update to latest upstream git snapshot. Various changes, including bug fix for cookie leak vulnerability.
Update libqb for CVE-2023-39976
Fedora 37: linux-firmware 2023-eabbf4ca4d
New firmware for AMD Zen CPUs to mitigate the AMD ‘Inception’ attack. Only needed for affected AMD users. —- Update to upstream 20230804 release: * Split out QCom Arm IP firmware * Merge Marvell libertas WiFi firmware * Mellanox: Add new mlxsw_spectrum firmware xx.2012.1012 * Add URL for latest FW binaries for NXP BT chipsets * rtw89: 8851b: update firmware to v0.29.41.1 *
Fedora 37: java-17-openjdk 2023-9ef4ec10da
updated to security 17.0.8.0.7
Fedora 38: python-yfinance 2023-2b0f2e4bc3
Update to 0.2.28
CVE-2023-20197 ClamAV File Scanning Infinite Loop Denial of Service Vulnerability
Possible buffer overflow in ‘ps’ (CVE-2023-4016)
Fedora 38: spectre-meltdown-checker 2023-7228464f28
This release mainly focuses on the detection of the new Zenbleed (CVE-2023-20593) vulnerability, among few other changes that were in line waiting for a release: * feat: detect the vulnerability and mitigation of Zenbleed (CVE-2023-20593) * feat: add the linux-firmware repository as another source for CPU microcode versions * feat: arm: add Neoverse-N2, Neoverse-V1 and
This is the August 2023 update for .NET 6 and .NET 7. Release Notes: – 7.0 SDK: https://github.com/dotnet/core/blob/main/release- notes/7.0/7.0.10/7.0.110.md – 7.0 Runtime: https://github.com/dotnet/core/blob/main/release-notes/7.0/7.0.10/7.0.10.md – 6.0 SDK: https://github.com/dotnet/core/blob/main/release-
Update to 4.12 for CVE-2023-38710, CVE-2023-38711 and CVE-2023-38712 addressing post-authentication denial of service attacks
update to 116.0.5845.96. Fixes following security issues: CVE-2023-2312 CVE-2023-4349 CVE-2023-4350 CVE-2023-4351 CVE-2023-4352 CVE-2023-4353 CVE-2023-4354 CVE-2023-4355 CVE-2023-4356 CVE-2023-4357 CVE-2023-4358 CVE-2023-4359 CVE-2023-4360 CVE-2023-4361 CVE-2023-4362
This is the August 2023 update for .NET 6 and .NET 7. Release Notes: – 7.0 SDK: https://github.com/dotnet/core/blob/main/release- notes/7.0/7.0.10/7.0.110.md – 7.0 Runtime: https://github.com/dotnet/core/blob/main/release-notes/7.0/7.0.10/7.0.10.md – 6.0 SDK: https://github.com/dotnet/core/blob/main/release-
Fedora 38: java-1.8.0-openjdk 2023-b3384af468
respin of security cpu due to uninstallable sources subpkg —- updatet to july security update 382.b05
Fedora 37: java-1.8.0-openjdk 2023-a2922bf669
respin of security cpu due to uninstallable sources subpkg —- updatet to july security update 382.b05
Fedora 38: trafficserver 2023-dcbfbf1396
Update to upstream 9.2.2. Changes with Apache Traffic Server 9.2.2 #9544 – Docs: format typos in header_rewrite doc #9754 – Fix OCSP detection during build (9.2.x) #9829 – Add TSHttpTxnNextHopPortGet, add NEXT-HOP to header rewrite #9831 – Allow slice plugin to purge requests #9840 – Fix crash on config reload with BoringSSL #9877 – Do not add content-length for status 204
Fedora 37: microcode_ctl 2023-10d34be85a
– Update to upstream release 20230808 – Update of 06-55-03/0x97 (SKX-SP B1) microcode from revision 0x1000171 up to 0x1000181; – Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode from revision 0x2006f05 up to 0x2007006; – Update of 06-55-06/0xbf (CLX-SP B0) microcode from revision 0x4003501 up to 0x4003604; – Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode from
Fix buffer overrun vulnerability (#2211088), fixes CVE-2023-2977
Update `llhttp` to 8.1.1 (including a SONAME version bump and ABI break, https://pagure.io/fesco/issue/3049) and `python-aiohttp` to 3.8.5. Fixes CVE-2023-30589.
Fedora 38: java-latest-openjdk-portable 2023-b7f6f0f77e
Update to jdk-20.0.2+9
The 6.4.10 stable kernel update contains a number of important fixes across the tree.
Fedora 38: java-1.8.0-openjdk-portable 2023-89bad07f9d
* updated to CPU 07/23 jdk8u382-b05 * removed removal of EC curves
The 6.4.10 stable kernel update contains a number of important fixes across the tree.
Fedora 38: linux-firmware 2023-755b8bb6db
New firmware for AMD Zen CPUs to mitigate the AMD ‘Inception’ attack. Only needed for affected AMD users.
update to 115.0.5790.170. Fixes several security issues
Changes since 2.4.12: https://github.com/OpenImageIO/oiio/releases/tag/v2.4.13.0 https://github.com/OpenImageIO/oiio/releases/tag/v2.4.14.0 Security fix for CVE-2023-36183, CVE-2023-3430
**PHP version 8.1.22** (03 Aug 2023) **Build:** * Fixed bug [GH-11522](https://github.com/php/php-src/issues/11522) (PHP version check fails with ‘-‘ separator). (SVGAnimate) **CLI:** * Fix interrupted CLI output causing the process to exit. (nielsdos) **Core:** * Fixed oss-fuzz php#60011 (Mis-compilation of by-reference nullsafe operator). (ilutov) * Fixed use-of-
Changes since 2.4.12: https://github.com/OpenImageIO/oiio/releases/tag/v2.4.13.0 https://github.com/OpenImageIO/oiio/releases/tag/v2.4.14.0 Security fix for CVE-2023-36183, CVE-2023-3430
Fedora 38: linux-firmware 2023-d15f5a186a
Update to upstream 20230804 release: * Split out QCom Arm IP firmware * Merge Marvell libertas WiFi firmware * Mellanox: Add new mlxsw_spectrum firmware xx.2012.1012 * Add URL for latest FW binaries for NXP BT chipsets * rtw89: 8851b: update firmware to v0.29.41.1 * qcom: sdm845: add RB3 sensors DSP firmware * amdgpu: Update DMCUB for DCN314 & Yellow Carp * ice: add LAG-