updated to OpenJDK 17.0.9 (2023-10-17)
Comment
Archive for Fedora Linux Distribution – Security Advisories
2746 results.
x86/AMD: mismatch in IOMMU quarantine page table levels [XSA-445, CVE-2023-46835] x86: BTC/SRSO fixes not fully effective [XSA-446, CVE-2023-46836]
Backport fix for CVE-2023-2602 and CVE-2023-2603
– Update
update to 119.0.6045.199, upstream security release High CVE-2023-6345: Integer overflow in Skia High CVE-2023-6347: Use after free in Mojo High CVE-2023-6346: Use after free in WebAudio High CVE-2023-6350: Out of bounds memory access in libavif High CVE-2023-6351: Use after free in libavif High CVE-2023-6345: Integer overflow in Skia
Backport fix for CVE-2023-34872.
Update to latest version; fix CVE-2023-47248
Backport fix for CVE-2023-2602 and CVE-2023-2603
Update to 115.5.0 * https://www.mozilla.org/en- US/security/advisories/mfsa2023-52/ * https://www.thunderbird.net/en- US/thunderbird/115.5.0/releasenotes/
Resolves CVE-2023-5528: Insufficient input sanitization in in-tree storage plugin leads to privilege escalation on Windows nodes. Additional bug and regression fixes.
**MariaDB 10.5.23 & Galera 26.4.16** Release notes: https://mariadb.com/kb/en/mariadb-10-5-23-release-notes/
Includes security fixes to the path/filepath package, as well as bug fixes to the linker, the runtime, the compiler, and the go/types, net/http, and runtime/cgo packages. [See the whole changelog here](https://go.dev/doc/devel/release).
**MariaDB 10.5.23 & Galera 26.4.16** Release notes: https://mariadb.com/kb/en/mariadb-10-5-23-release-notes/
The newest upstream commit Security fixes for CVE-2023-48233, CVE-2023-48231, CVE-2023-48232, CVE-2023-48234, CVE-2023-48235, CVE-2023-48236, CVE-2023-48237.
Resolves CVE-2023-5528: Insufficient input sanitization in in-tree storage plugin leads to privilege escalation on Windows nodes. Upstream change log at: https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG- 1.25.md#changelog-since-v12515
The newest upstream commit Security fixes for CVE-2023-48233, CVE-2023-48231, CVE-2023-48232, CVE-2023-48234, CVE-2023-48235, CVE-2023-48236, CVE-2023-48237.
– Update to upstream 2.1-42. 20231114 – Update of 06-6a-06/0x87 (ICX-SP D0) microcode from revision 0xd0003a5 up to 0xd0003b9; – Update of 06-6c-01/0x10 (ICL-D B0) microcode from revision 0x1000230 up to 0x1000268; – Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0xbc up to 0xc2; – Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode from revision
This is an extended update of the OpenVPN 2.6.7 release which contains security fixes for CVE-2023-46849 and CVE-2023-46850. That release had a regression causing the `openvpn` daemon to segfault frequently; which is why the 2.6.7 release was pulled. This 2.6.8 release contains a fix for the regression issue as well.
update to 119.0.6045.159, upstream security release – High CVE-2023-5997, use after free in Garbage Collection – High CVE-2023-6112, use after free in Navigation —- Fix bz#2240127, audio/video decode issue in chromium
Patch for CVE-2022-24599
Patch for CVE-2022-24599
– Updated to latest upstream (120.0)
release v1.5.0 + security fix for CVE-2023-39325
podman-tui v0.12.0 + security fix for CVE-2023-39325 and CVE-2022-41717 and CVE-2022-41723
Includes security fixes to the path/filepath package, as well as bug fixes to the linker, the runtime, the compiler, and the go/types, net/http, and runtime/cgo packages. [See the whole changelog here](https://go.dev/doc/devel/release).
Includes security fixes to the path/filepath package, as well as bug fixes to the linker, the runtime, the compiler, and the go/types, net/http, and runtime/cgo packages. [See the whole changelog here](https://go.dev/doc/devel/release).
1.22.7
– Update to upstream 2.1-42. 20231114 – Update of 06-6a-06/0x87 (ICX-SP D0) microcode from revision 0xd0003a5 up to 0xd0003b9; – Update of 06-6c-01/0x10 (ICL-D B0) microcode from revision 0x1000230 up to 0x1000268; – Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0xbc up to 0xc2; – Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode from revision
– Update to upstream 2.1-42. 20231114 – Update of 06-6a-06/0x87 (ICX-SP D0) microcode from revision 0xd0003a5 up to 0xd0003b9; – Update of 06-6c-01/0x10 (ICL-D B0) microcode from revision 0x1000230 up to 0x1000268; – Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0xbc up to 0xc2; – Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode from revision