8u265 update, disable LTO
Comment
Archive for Fedora Linux Distribution – Security Advisories
2744 results.
libX11 1.6.12 (CVE-2020-14363, CVE 2020-14344)
QEMU: usb: out-of-bounds r/w access issue [XSA-335, CVE-2020-14364] (#1871850)
The 5.8.6 stable kernel update contains a number of important fixes across the tree.
The 5.8.6 stable kernel update contains a number of important fixes across the tree.
Update to upstream bugfix and security release 2.9.13. —- Update to 2.9.12 upstream bugfix and security update
Add patch for CVE-2020-24661: Handling of pinned, invalid TLS certificates.
The 5.8.6 stable kernel update contains a number of important fixes across the tree.
Update to the new upstream 3.6.15 release.
Update to Chromium 85.0.4183.83. Bugs fixed, security holes patched, and features added. Hold on to your butts. List of CVEs resolved with this update: CVE-2020-6532 CVE-2020-6537 CVE-2020-6538 CVE-2020-6539 CVE-2020-6540 CVE-2020-6541 CVE-2020-6542 CVE-2020-6543 CVE-2020-6544 CVE-2020-6545 CVE-2020-6546 CVE-2020-6547 CVE-2020-6548 CVE-2020-6549 CVE-2020-6550
Rebased to version 8.0.21
Squid version update to 4.13 and security fixes
Fix CVE-2020-24370 .
This release includes the latest stable version of Apache **httpd**, version **2.4.46**. A security issue is addressed in this update: * **CVE-2020-11984** mod_proxy_uwsgi: Malicious request may result in information disclosure or RCE of existing file on the server running under a malicious process environment. For the full list of changes in this release, see
Squid version update to 4.13 and security fixes
geary 3.36.3.1 release: * Fixed handling of pinned, invalid TLS certificates: CVE-2020-24661 * Build bug fixes
CVE-2020-12100: Parsing mails with a large number of MIME parts could have resulted in excessive CPU usage or a crash due to running out of stack memory. CVE-2020-12673: Dovecot’s NTLM implementation does not correctly check message buffer size, which leads to reading past allocation which can lead to crash. CVE-2020-10967: lmtp/submission:
New F33 selinux-policy build.
New F32 selinux-policy build
Updates to the latest upstream release of Eclipse. See the upstream release notes for details: https://www.eclipse.org/eclipseide/2020-06/noteworthy/ Also contains security fixes for CVE-2019-17566 and CVE-2019-17638.
– New upstream version (80.0)
This release includes the latest stable version of Apache **httpd**, version **2.4.46**. A security issue is addressed in this update: * **CVE-2020-11984** mod_proxy_uwsgi: Malicious request may result in information disclosure or RCE of existing file on the server running under a malicious process environment. For the full list of changes in this release, see
Updates to the latest upstream release of Eclipse. See the upstream release notes for details: https://www.eclipse.org/eclipseide/2020-06/noteworthy/ Also contains security fixes for CVE-2019-17566 and CVE-2019-17638.
Security fix for CVE-2020-17507
* The `readUvarint` function would run infinitely given specific input. The function is now terminating if more than 10 bytes of input have been read. Fixes [issue #35](https://github.com/ulikunitz/xz/issues/35) (CVE-2020-16845). * Supports the check-ID None and fixes “Checksum None is invalid” [issue #27](https://github.com/ulikunitz/xz/issues/27).
* The `readUvarint` function would run infinitely given specific input. The function is now terminating if more than 10 bytes of input have been read. Fixes [issue #35](https://github.com/ulikunitz/xz/issues/35) (CVE-2020-16845).
New version 3.2.6, Security fix for CVE-2020-17498
New version 3.2.6, Security fix for CVE-2020-17498
libX11 1.6.12 (CVE-2020-14363, CVE 2020-14344)
Fix CVE-2020-24370 .