Upstream release
Posts Tagged Fedora Linux Distribution – Security Advisories
Package new upstream version of open-vm-tools-12.3.0-22234872. Security fix for CVE-2023-20900, CVE-2023-20867
Upstream release
Security fix for CVE-2022-46146, update to v0.10.0
Security fix for CVE-2022-46146, update to v0.10.0
Add patch for CVE-2023.39742.
Security fix for CVE-2023-36328
Update matrix-synapse to v1.80.0 to fix CVE-2022-39374, CVE-2023-32323
Update matrix-synapse to v1.80.0 to fix CVE-2022-39374, CVE-2023-32323
Update matrix-synapse to v1.80.0 to fix CVE-2022-39374, CVE-2023-32323
update to 117.0.5938.62. Fixes following security issues: CVE-2023-4900 CVE-2023-4901 CVE-2023-4902 CVE-2023-4903 CVE-2023-4904 CVE-2023-4905 CVE-2023-4906 CVE-2023-4907 CVE-2023-4908 CVE-2023-4909 —- update to 116.0.5845.187. Fixes following security issue: CVE-2023-4863 —- update to 116.0.5845.179. Fixes following security issues: CVE-2023-4427 CVE-2023-4428
This update provides Firefox 117.0.1, with a significant security fix (for [CVE-2023-4863](https://access.redhat.com/security/cve/CVE-2023-4863)) and various bug fixes.
**Redis 7.0.13** Released Wed 06 Sep 2023 15:00:00 IDT Upgrade urgency SECURITY: See security fixes below. Security Fixes * (**CVE-2023-41053**) Redis does not correctly identify keys accessed by SORT_RO and as a result may grant users executing this command access to keys that are not explicitly authorized by the ACL configuration. Bug Fixes * Cluster: fix a race condition
Backport fix for CVE-2023-4863.
Security fix for CVE-2020-22219
– Updated to latest upstream (117.0.1)
Backport fix for CVE-2023-4863.
Package new upstream version of open-vm-tools-12.3.0-22234872. Security fix for CVE-2023-20900, CVE-2023-20867
Fixes for CVE-2023-20897 and CVE-2023-20898
Rebase to 0.5.2 to fix CVE-2023-22652 and CVE-2023-30079
Release notes for xrdp v0.9.23 (2023/08/31) General announcements – Running xrdp and xrdp-sesman on separate hosts is still supported by this release, but is now deprecated. This is not secure. A future v1.0 release will replace the TCP socket used between these processes with a Unix Domain Socket, and then cross-host running will not be possible. Security fixes – CVE-2023-40184:
Security fix for CVE-2023-37464
– patchlevel 1872 —- The newest upstream commit Security fixes for CVE-2023-4733, CVE-2023-4752, CVE-2023-4750
Release notes for xrdp v0.9.23 (2023/08/31) General announcements – Running xrdp and xrdp-sesman on separate hosts is still supported by this release, but is now deprecated. This is not secure. A future v1.0 release will replace the TCP socket used between these processes with a Unix Domain Socket, and then cross-host running will not be possible. Security fixes – CVE-2023-40184:
Security fix for CVE-2023-37464
New version 4.0.8. Includes fixes for CVE-2023-2906, CVE-2023-4511, CVE-2023-4512, CVE-2023-4513.
Security fix for CVE-2022-45061
Security fix for CVE-2022-45061
New version 4.0.8. Includes fixes for CVE-2023-2906, CVE-2023-4511, CVE-2023-4512, CVE-2023-4513.
Update to prevent invalid fragment values from leading to a buffer overrun