Just enough time for one more update. Chromium 84. Fixes CVE-2020-6510 CVE-2020-6511 CVE-2020-6512 CVE-2020-6513 CVE-2020-6514 CVE-2020-6515 CVE-2020-6516 CVE-2020-6517 CVE-2020-6518 CVE-2020-6519 CVE-2020-6520 CVE-2020-6521 CVE-2020-6522 CVE-2020-6523 CVE-2020-6524 CVE-2020-6525 CVE-2020-6526 CVE-2020-6527 CVE-2020-6528 CVE-2020-6529 CVE-2020-6530
Archive for Fedora Linux Distribution – Security Advisories
Bugfix and CVE release.
Updates the nspr and nss package to upstream NSPR 4.26 and NSS 3.54. For details about new functionality and a list of bugs fixed in this release please see the upstream release notes: – https://developer.mozilla.org/en- US/docs/Mozilla/Projects/NSS/NSS_3.54_release_notes
– New upstream update – 79.0
Just enough time for one more update. Chromium 84. Fixes CVE-2020-6510 CVE-2020-6511 CVE-2020-6512 CVE-2020-6513 CVE-2020-6514 CVE-2020-6515 CVE-2020-6516 CVE-2020-6517 CVE-2020-6518 CVE-2020-6519 CVE-2020-6520 CVE-2020-6521 CVE-2020-6522 CVE-2020-6523 CVE-2020-6524 CVE-2020-6525 CVE-2020-6526 CVE-2020-6527 CVE-2020-6528 CVE-2020-6529 CVE-2020-6530
Bugfix and CVE release.
Fedora 31: java-1.8.0-openjdk 2020-508df53719
# July 2020 OpenJDK security update for OpenJDK 8. Full release notes: https://bitly.com/oj8u262 ## New features * [JDK-8223147](https://bugs.openjdk.java.net/browse/JDK-8223147): JFR Backport ## Security fixes – JDK-8028431, CVE-2020-14579: NullPointerException in DerValue.equals(DerValue) – JDK-8028591, CVE-2020-14578:
Fedora 31: java-11-openjdk 2020-93cc9c3ef2
# July 2020 OpenJDK security update for OpenJDK 11 Full release notes: https://bitly.com/openjdk1108 ## Security fixes – JDK-8230613: Better ASCII conversions – JDK-8231800: Better listing of arrays – JDK-8232014: Expand DTD support – JDK-8233234: Better Zip Naming – JDK-8233239, CVE-2020-14562: Enhance TIFF support – JDK-8233255: Better Swing Buttons –
ClamAV 0.102.4 is a bug patch release to address the following issues: CVE-2020-3350
0.9.24 release
Fedora 32: java-11-openjdk 2020-5d0b4a2b5b
# July 2020 OpenJDK security update for OpenJDK 11 Full release notes: https://bitly.com/openjdk1108 ## Security fixes – JDK-8230613: Better ASCII conversions – JDK-8231800: Better listing of arrays – JDK-8232014: Expand DTD support – JDK-8233234: Better Zip Naming – JDK-8233239, CVE-2020-14562: Enhance TIFF support – JDK-8233255: Better Swing Buttons –
Avoid infinite loop when reading specially crafted TAR files (CVE-2019-20907)
Fedora 32: mod_authnz_pam 2020-cfbed9c9ff
Rebase to upstream release 1.2.1.
Add patch to bump W_MAX_BYTES to 8.
Upgrade to upstream 3.6.0. Remove patch #4679 for el8.
– Update to 2.16.7 Security advisory: https://tls.mbed.org/tech- updates/security-advisories/mbedtls-security-advisory-2020-07
– Update to 1.2.13 Release notes: https://www.cacti.net/release_notes.php?version=1.2.13
– Update to 1.2.13 Release notes: https://www.cacti.net/release_notes.php?version=1.2.13
Fedora 31: php-horde-kronolith 2020-0fbd043bcf
**kronolith 4.2.29** * [mjr] Fix regresssion in event modification notifications (Bug #15022). —- **kronolith 4.2.28** * [mjr] **SECURITY**: Don’t leak private details when sending notifications for private events (Bug #15011). * [mjr] Fix regression in display of clickable event URL property (Bug #14941).
Backport fix for CVE-2020-15503.
Updates the nspr and nss package to upstream NSPR 4.26 and NSS 3.54. For details about new functionality and a list of bugs fixed in this release please see the upstream release notes: – https://developer.mozilla.org/en- US/docs/Mozilla/Projects/NSS/NSS_3.54_release_notes
Updates the nspr and nss package to upstream NSPR 4.26 and NSS 3.54. For details about new functionality and a list of bugs fixed in this release please see the upstream release notes: – https://developer.mozilla.org/en- US/docs/Mozilla/Projects/NSS/NSS_3.54_release_notes
This update incorporates fixes from the upstream glibc 2.31 stable release branch, including a fix for a medium severity security vulnerability. (CVE-2020-6096)
Update to Samba 4.11.11
Update to Samba 4.11.11
Update to 2.28.3: * Fix kinetic scrolling with async scrolling. * Fix web process hangs on large GitHub pages. * Bubblewrap sandbox should not attempt to bind empty paths. * Fix threading issues in the media player. * Fix several crashes and rendering issues. * Security fixes: CVE-2020-9802, CVE-2020-9803, CVE-2020-9805, CVE-2020-9806, CVE-2020-9807, CVE-2020-9843, CVE-2020-9850,
0.9.24 release
Update to 3.9.0b4
Update to 3.9.0b4
The 5.7.8 stable kernel update contains a number of important fixes across the tree.