Update to 8.6.1
Comment
Archive for Fedora Linux Distribution – Security Advisories
2762 results.
Update to expat-2.7.2, fixes CVE-2025-59375.
Security fix for the bundled urllib3 for CVE-2025-50181
Update to 8.6.1
– Update to 140.0.7339.185 * CVE-2025-10585: Type Confusion in V8 * CVE-2025-10500: Use after free in Dawn * CVE-2025-10501: Use after free in WebRTC * CVE-2025-10502: Heap buffer overflow in ANGLE
Rebase trustee-guest-components to v0.13.0 Include rust-az-???-vtpm packages rebase to version 0.7.4 Adjust (patches) to work with ‘sev’ version 6.
Update to expat-2.7.2, fixes CVE-2025-59375.
Rebase trustee-guest-components to v0.13.0 Include rust-az-???-vtpm packages rebase to version 0.7.4 Adjust (patches) to work with ‘sev’ version 6.
Update to 2.50.0: Improved rendering performance by recording each layer once and replaying every dirty region in different worker threads. Enable damage propagation to the UI process by default. CSS property font-variant-emoji is now enabled by default.
– Update to 140.0.7339.185 * CVE-2025-10585: Type Confusion in V8 * CVE-2025-10500: Use after free in Dawn * CVE-2025-10501: Use after free in WebRTC * CVE-2025-10502: Heap buffer overflow in ANGLE
Rebase to 2.7.2
New upstream release fixing the following security weaknesses (CVE-2025-8114, CVE-2025-8277)
fix Out of bounds read for cookie path (CVE-2025-9086)
podman-tui release 1.8.0
prometheus-podman-exporter v1.18.1
New upstream release fixing the following security weaknesses (CVE-2025-8114, CVE-2025-8277)
Fix Out of bounds read for cookie path (CVE-2025-9086) Fix predictable WebSocket mask (CVE-2025-10148)
Mutiple vulnerabilities in the Viridian interface [XSA-472, CVE-2025-27466, CVE-2025-58142, CVE-2025-58143] Arm issues with page refcounting [XSA-473, CVE-2025-58144, CVE-2025-58145]
Rebase to 2.7.2
Update to 2.79.0
Update to 2.79.0
Update to 140.0.7339.127 CVE-2025-10200: Use after free in Serviceworker CVE-2025-10201: Inappropriate implementation in Mojo
New upstream release (143.0)
This update upgrade the package to version 0.36. This version fixes CVE-2025-40923 by using Crypt::SysRandom to generate secure session IDs.
This update upgrade the package to version 0.44. This version fixes CVE-2025-40924 by using Crypt::SysRandom to generate properly random session IDs.
This update upgrade the package to version 1.019. This version fixes CVE-2025-40920 by using Crypt::SysRandom to generate nonces instead of Data::UUID.
Update to 140.0.7339.127 CVE-2025-10200: Use after free in Serviceworker CVE-2025-10201: Inappropriate implementation in Mojo
CVE-2025-8067 Out-Of-Bounds Read in UDisks Daemon
Exiv2 0.28.6 + patch to fix silent abi breakage Exiv2 v0.28.6 (Fixes two low severity CVEs)