Archive for Fedora Linux Distribution – Security Advisories
* fix CVE-2021-44716
* fix CVE-2021-43813
* use HMAC-SHA-256 instead of SHA-1 to generate password reset tokens
Fedora 34: cryptsetup 2022-61b55b6ebc
Security fix for CVE-2021-4122.
Security fix for CVE-2021-4034
pkexec: argv overflow results in local privilege esc.
Fedora 35: flatpak-builder 2022-7e328bd66c
This is a regression fix update, reverting non-backwards-compatible behaviour changes in the solution previously chosen for [CVE-2022-21682](https://github.com/flatpak/flatpak/security/advisories/GHSA-8ch7-5j3h-g4fx)
Bug fixes and incremental optimization improvements.

----

Bugfix release including fix for CVE-2021-45290 and CVE-2021-45293.
Security fix for CVE-2022-21658, a TOCTOU race condition in std::fs::remove_dir_all. Privileged programs should be rebuilt if they use this function on paths that may be manipulated with lesser privileges. For more details, see the upstream [security advisory](https://blog.rust-lang.org/2022/01/20/cve-2022-21658.html).
Security fix for CVE-2021-46059, CVE-2022-0158, CVE-2022-0156

----

Security fix for CVE-2021-4136, CVE-2021-4166, CVE-2021-4173, CVE-2021-4186, CVE-2021-4192, CVE-2021-4193
Fix CVE-2022-23132, CVE-2022-23133, CVE-2022-23134
Fedora 35: webkit2gtk3 2022-25a98f5d55
Update to 2.34.4:
* Fix dire [“Safari Leaks”](https://safarileaks.com/) IndexedDB privacy violation.
* Make audio tools (like mixers) display the actual name of the application producing sound, instead of a generic one.
* Fix several crashes and rendering issues.
* Additional security fixes: CVE-2021-30887, CVE-2021-30890, CVE-2021-30934, CVE-2021-30936, CVE-2021-30951,
Fix CVE-2022-23132, CVE-2022-23133, CVE-2022-23134
The 5.15.16 stable kernel update contains a number of important fixes across the tree.
Security fix for CVE-2021-45931
Security fix for CVE-2021-45930
Rebase to version 2.4.3
The 5.15.15 stable kernel update contains a number of important fixes across the tree.
Fedora 35: texlive-base 2022-639b9d2b85
Update to newer version of arara with newer log4j. Severity is low because exploiting this locally would be challenging.
Remove executable permissions from scripts in /usr/shar
Security fix for CVE-2021-34363
Update to 1.12.3
Fixes these two security issues:
* CVE-2021-43860 or https://github.com/flatpak/flatpak/security/advisories/GHSA-qpjc-vq3c-572j
* CVE-2022-21682 or https://github.com/flatpak/flatpak/security/advisories/GHSA-8ch7-5j3h-g4fx

Full release notes: https://github.com/flatpak/flatpak/releases/tag/1.12.3
Fedora 35: python-kombu 2022-1dae017601
- kombu 5.2.3: https://github.com/celery/kombu/blob/master/Changelog.rst#523
- celery 5.2.3: https://github.com/celery/celery/blob/master/Changelog.rst#523
Security fix for CVE-2021-4122
Fedora 35: mingw-uriparser 2022-cfd0048127
Update to 0.9.6, see https://github.com/uriparser/uriparser/blob/uriparser-0.9.6/ChangeLog for details.
Fedora 35: python-celery 2022-1dae017601
- kombu 5.2.3: https://github.com/celery/kombu/blob/master/Changelog.rst#523
- celery 5.2.3: https://github.com/celery/celery/blob/master/Changelog.rst#523
Update to 0.9.6, see https://github.com/uriparser/uriparser/blob/uriparser-0.9.6/ChangeLog for details.
The 5.15.14 stable kernel update contains a number of important fixes across the tree.
The 5.15.14 stable kernel update contains a number of important fixes across the tree.
Fedora 34: python-cvxopt 2022-0b587f0fa9
Security fix for CVE-2021-41500. Upstream notes for version 1.2.7 read: “Bug fixes, Python 3.10 compatibility”.
Security fix for CVE-2021-46059, CVE-2022-0158, CVE-2022-0156