This release fixes security issue CVE-2020-13999 .
Archive for Fedora Linux Distribution – Security Advisories
Special Register Buffer speculative side channel [XSA-320]
– avoid overwriting a local file with -J (CVE-2020-8177) – fix partial password leak over DNS on HTTP redirect (CVE-2020-8169)
Fedora 31: microcode_ctl FEDORA-2020-11ddbfbdf0
Security fix for CVE-2020-0548, CVE-2020-0549, CVE-2020-0543 —- Security fixes for CVE-2020-0548, CVE-2020-0549, CVE-2020-0543
– New upstream release – Actually reload the DFU device after upgrade has completed – Capture the dock SKU in report metadata – Correctly set the Logitech device protocol – Do not use shim for non-secure boot configurations – Ensure that the DeviceID is set for child devices – Fix an error when detaching MSP430 – Fix the DeviceID set by GetDetails – Force the prometheus minor version from
Fedora 31: thunderbird FEDORA-2020-5f7f8fcbce
Update to latest upstream version.
Fedora 31: suricata FEDORA-2020-cd84e46e68
This release fixes a number of issues found in the 4.1 branch.
Fedora 32: mingw-libjpeg-turbo FEDORA-2020-86fa578c8d
Security fix for CVE-2020-13790
Fedora 32: mingw-sane-backends FEDORA-2020-b845771719
https://gitlab.com/sane-project/backends/-/releases
Fedora 31: tcpreplay FEDORA-2020-256ac53cc7
This release contains bug fixes only (which includes security fixes): – Increase cache buffers size to accomodate VLAN edits (#594) – Correct L2 header length to correct IP header offset (#583) – Fix warnings from gcc version 10 (#580) – Heap Buffer Overflow in randomize_iparp (#579) – Use after free in get_ipv6_next (#578) – Heap Buffer Overflow in git_ipv6_next (#576) – Call
Fedora 31: php-horde-horde FEDORA-2020-01d7b8b690
**horde 5.2.23** * [mjr] SECURITY: Fix javascript injection vulnerability in mobile login page. * [mjr] Fix broken cloud search in portal block.
Fedora 32: tcpreplay FEDORA-2020-f47830961a
This release contains bug fixes only (which includes security fixes): – Increase cache buffers size to accomodate VLAN edits (#594) – Correct L2 header length to correct IP header offset (#583) – Fix warnings from gcc version 10 (#580) – Heap Buffer Overflow in randomize_iparp (#579) – Use after free in get_ipv6_next (#578) – Heap Buffer Overflow in git_ipv6_next (#576) – Call
Fedora 32: php-horde-horde FEDORA-2020-a41fda3b4c
**horde 5.2.23** * [mjr] SECURITY: Fix javascript injection vulnerability in mobile login page. * [mjr] Fix broken cloud search in portal block.
Fedora 32: libexif FEDORA-2020-b4db792558
New upstream release. It largely contains stability, security and bugfixes. Some EXIF 2.3 tags have been added. See also: https://github.com/libexif/libexif/releases/tag/libexif-0_6_22-release
Fedora 32: ca-certificates FEDORA-2020-fb144e7de5
updates the mozilla certificate list, removes expired certificates.
Fedora 32: roundcubemail FEDORA-2020-aeffd92b77
**RELEASE 1.4.6** – Installer: Fix regression in SMTP test section (#7417) —- **RELEASE 1.4.5** – Fix bug in extracting required plugins from composer.json that led to spurious error in log (#7364) – Fix so the database setup description is compatible with MySQL 8 (#7340) – Markasjunk: Fix regression in jsevent driver (#7361) – Fix missing flag indication on collapsed
The 5.6.19 stable kernel updates contain a number of important fixes across the tree.
Fedora 32: microcode_ctl FEDORA-2020-e8835a5f8e
Security fix for CVE-2020-0548, CVE-2020-0549, CVE-2020-0543 —- Update to upstream 2.1-28. 20200609
Fedora 31: roundcubemail FEDORA-2020-2a1a6a8432
**RELEASE 1.4.6** – Installer: Fix regression in SMTP test section (#7417) —- **RELEASE 1.4.5** – Fix bug in extracting required plugins from composer.json that led to spurious error in log (#7364) – Fix so the database setup description is compatible with MySQL 8 (#7340) – Markasjunk: Fix regression in jsevent driver (#7361) – Fix missing flag indication on collapsed
Update to 1.12.18
Fedora 31: moby-engine FEDORA-2020-5ba8c2d9d5
Update to upstream 19.03.11 to prevent CVE-2020-13401
Fedora 31: mingw-glib-networking FEDORA-2020-cadbc5992f
Security fix for CVE-2020-13645
Fedora 32: mingw-glib-networking FEDORA-2020-a83c8cd358
Security fix for CVE-2020-13645
Fedora 31: kernel-headers FEDORA-2020-3364913ace
The 5.6.18 stable kernel update contains a number of important fixes across the tree. —- The 5.6.17 stable kernel update contains a number of important fixes across the tree.
The 5.6.18 stable kernel update contains a number of important fixes across the tree. —- The 5.6.17 stable kernel update contains a number of important fixes across the tree.
Fedora 32: mariadb-connector-c FEDORA-2020-35f52d9370
**MariaDB 10.4.13 , Galera 26.4.4 , MariaDB CONC/C 3.1.8** Release notes: https://mariadb.com/kb/en/mariadb-10413-release-notes/ https://mariadb.com/kb/en/mariadb-connector-c-318-release-notes/
Fedora 32: libjcat FEDORA-2020-eec60309f2
Security fix for CVE-2020-10759
Fedora 32: grafana FEDORA-2020-a09e5be0be
Security fix for CVE-2020-13379
**MariaDB 10.4.13 , Galera 26.4.4 , MariaDB CONC/C 3.1.8** Release notes: https://mariadb.com/kb/en/mariadb-10413-release-notes/ https://mariadb.com/kb/en/mariadb-connector-c-318-release-notes/
Fedora 32: kernel FEDORA-2020-e47d28bc2b
The 5.6.18 stable kernel update contains a number of important fixes across the tree. —- The 5.6.17 stable kernel update contains a number of important fixes across the tree.