Update to 2023.07.06. Mitigates CVE-2023-35934 / GHSA-v8mc-9377-rwjj
Comment
Archive for Fedora Linux Distribution – Security Advisories
2746 results.
Security fix for CVE-2023-31484 CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS. CPAN 2.35 – Add verify_SSL=>1 to https::Tiny to verify https server identity
Security fix for CVE-2023-31484 CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS. CPAN 2.35 – Add verify_SSL=>1 to https::Tiny to verify https server identity
Update to version 1.2.1. This version includes a fix for CVE-2023-32570 (race condition that can lead to an application crash).
– New upstream update (115.0) – Built with PGO
Update to version 4.7.4 Security fix for CVE-2022-41854
The 6.3.11 stable kernel update contains a number of important fixes across the tree. —- The 6.3.10 stable kernel update contains a number of important fixes across the tree.
– Release 4.0.4
– New upstream update (115.0) – Built with PGO
Update to 114.0.5735.198. Fixes the following security issues: CVE-2023-3420 CVE-2023-3421 CVE-2023-3422 CVE-2023-36191
Update to 2.40.3: * Make memory pressure monitor honor memory.memsw.usage_in_bytes if exists. * Include key modifiers in wheel events. * Apply cookie blocking policy to WebSocket handshakes. * Fix several crashes and rendering issues. * Security fixes: CVE-2023-32439
croc 9.6.4
Update to 114.0.5735.198. Fixes the following security issues: CVE-2023-3420 CVE-2023-3421 CVE-2023-3422 CVE-2023-36191
– Rebased to the latest upstream sources (see CHANGELOG.md) – Updated pcs-web-ui – Removed dependency fedora-logos – favicon is now correctly provided by pcs- web-ui – Resolves: rhbz#2109852 rhbz#2170648
Update to 2.40.3: * Make memory pressure monitor honor memory.memsw.usage_in_bytes if exists. * Include key modifiers in wheel events. * Apply cookie blocking policy to WebSocket handshakes. * Fix several crashes and rendering issues. * Security fixes: CVE-2023-32439
– Rebased to the latest upstream sources (see CHANGELOG.md) – Updated pcs-web-ui – Removed dependency fedora-logos – favicon is now correctly provided by pcs- web-ui – Resolves: rhbz#2109852 rhbz#2170648
Patch update to Kubernetes 1.25 for Fedora 37. Primarily a security fix for CVE-2023-2431: Bypass of seccomp profile enforcement.
This is a security release, additionally fixing a number of important bugs.
The newest upstream commit 2215591 – TRIAGE vim: Divide By Zero vulnerability in scroll_cursor_bot() in move.c
Fix for several CVEs
Upstream security update with additional bugfixes. Resolves CVE-2023-2431.
Update to 114.0.5735.133. Fixes the following security issues: CVE-2023-3214, CVE-2023-3215, CVE-2023-3215, CVE-2023-3217,
Latest stable release. Full upstream changelog: https://github.com/WebAssembly/wabt/compare/1.0.32…1.0.33 . Fixes CVE-2023-27116, CVE-2023-30300 and CVE-2023-31669.
The newest upstream commit 2215591 – TRIAGE vim: Divide By Zero vulnerability in scroll_cursor_bot() in move.c
This is the June 2023 monthly update for .NET 7. It includes fixes for several CVEs. Release Notes: – Runtime: https://github.com/dotnet/core/blob/main/release-notes/7.0/7.0.7/7.0.7.md – SDK: https://github.com/dotnet/core/blob/main/release-notes/7.0/7.0.7/7.0.107.md
This is the June 2023 monthly update for .NET 7. It includes fixes for several CVEs. Release Notes: – Runtime: https://github.com/dotnet/core/blob/main/release-notes/7.0/7.0.7/7.0.7.md – SDK: https://github.com/dotnet/core/blob/main/release-notes/7.0/7.0.7/7.0.107.md
This is the June 2023 monthly update for .NET 6. It includes fixes for several CVEs. Release Notes: – Runtime: https://github.com/dotnet/core/blob/main/release-notes/6.0/6.0.18/6.0.18.md – SDK: https://github.com/dotnet/core/blob/main/release- notes/6.0/6.0.18/6.0.118.md
Update to version 1.2.1. This version includes a fix for CVE-2023-32570 (race condition that can lead to an application crash).
Backport fix for CVE-2023-34969.
Fixes CVE-2023-1672