* Fix large memory allocation when uploading content. * Fix scrolling after a history navigation with PSON enabled. * Always update the active uri of WebKitFrame. * Fix several crashes and rendering issues. * Security fixes: CVE-2023-23529
Posts Tagged Fedora Linux Distribution – Security Advisories
**phpMyAdmin 5.2.1** This is a bugfix release that also contains a security fix for an XSS vulnerability in the drag-and-drop upload functionality (**PMASA-2023-01**). Changelog: – issue #17522 Fix case where the routes cache file is invalid – issue #17506 Fix error when configuring 2FA without XMLWriter or Imagick – issue Fix blank page when some error occurs – issue #17519
– New upstream release (110.0)
Update to 2.39.2 (CVE-2023-22490, CVE-2023-23946) Refer to the [upstream release notes](https://github.com/git/git/raw/v2.39.2/Documentation/RelNotes/2.30.8.txt) and the security advisories ([CVE-2023-22490](https://github.com/git/git/security/advisories/GHSA-
– New upstream release (110.0)
Security fix for CVE-2022-38725
Security fix for CVE-2022-38725
Update to 110.0.5481.77. Fixes the following security issues: CVE-2023-0696 CVE-2023-0697 CVE-2023-0698 CVE-2023-0699 CVE-2023-0700 CVE-2023-0701 CVE-2023-0702 CVE-2023-0703 CVE-2023-0704 CVE-2023-0705 CVE-2023-25193
Fix a possible DOS involving the Qt SQL ODBC driver plugin.
The newest upstream commit Security fixes for CVE-2023-0433, CVE-2022-47024
Fix a possible DOS involving the Qt SQL ODBC driver plugin.
xwayland 22.1.8 – Security fix for CVE-2023-0494
New version 4.0.3.
**Version 4.4.50** (2023-02-01) * **security cve-2022-24895** [Security/Http] Remove CSRF tokens from storage on successful login (nicolas-grekas) * **security cve-2022-24894** [HttpKernel] Remove private headers before storing responses with HttpCache (nicolas-grekas)
Rebase to upstream version 3.0.8 Resolves: CVE-2022-4203 Resolves: CVE-2022-4304 Resolves: CVE-2022-4450 Resolves: CVE-2023-0215 Resolves: CVE-2023-0216 Resolves: CVE-2023-0217 Resolves: CVE-2023-0286 Resolves: CVE-2023-0401
Add upstream fix for CVE-2022-47021
Add upstream fix for CVE-2022-47021
* Improve GStreamer multimedia playback across the board with improved codec selection logic, better handling of latency, and improving frame discard to avoid audio/video desynchronization, among other fixes. * Disable HLS media playback by default, which makes web sites use MSE instead. If needed WEBKIT_GST_ENABLE_HLS_SUPPORT=1 can be set in the environment to enable it back.
– Fix CVE-2022-3560 – This is a privilege escalation in the pesign-authorize script, which is now deprecated. There is no impact unless you are using pesign as a daemon in a signing server.
Rebase to sudo 1.9.12p2 – security fix for CVE-2023-22809
Security fix for CVE-2022-4510
# New in release [OpenJDK 11.0.18](https://bit.ly/openjdk11018) (2023-01-17) ## CVEs Fixed – CVE-2023-21835 – CVE-2023-21843 ## Security Fixes – JDK-8286070: Improve UTF8 representation – JDK-8286496: Improve Thread labels – JDK-8287411: Enhance DTLS performance – JDK-8288516: Enhance font creation – JDK-8289350: Better media supports – JDK-8293554: Enhanced DH Key Exchanges
Security fix for CVE-2022-4510
# New in release [OpenJDK 8u362](https://bit.ly/openjdk8u362) (2023-01-17) ## CVEs Fixed – CVE-2023-21830 – CVE-2023-21843 ## Security Fixes – JDK-8285021: Improve CORBA communication – JDK-8286496: Improve Thread labels – JDK-8288516: Enhance font creation – JDK-8289350: Better media supports – JDK-8293554: Enhanced DH Key Exchanges – JDK-8293598: Enhance InetAddress
# New in release OpenJDK 19.0.2 (2023-01-17) ## CVEs Fixed * CVE-2023-21835 * CVE-2023-21843 ## Security Fixes – JDK-8286070: Improve UTF8 representation – JDK-8286496: Improve Thread labels – JDK-8287411: Enhance DTLS performance – JDK-8288516: Enhance font creation – JDK-8293554: Enhanced DH Key Exchanges – JDK-8293598: Enhance InetAddress address handling – JDK-8293717: Objective
# New in release [OpenJDK 17.0.6](https://bit.ly/openjdk1706) (2023-01-17) ## CVEs Fixed – CVE-2023-21835 – CVE-2023-21843 ## Security Fixes – JDK-8286070: Improve UTF8 representation – JDK-8286496: Improve Thread labels – JDK-8287411: Enhance DTLS performance – JDK-8288516: Enhance font creation – JDK-8289350: Better media supports – JDK-8293554: Enhanced DH Key Exchanges
# New in release [OpenJDK 8u362](https://bit.ly/openjdk8u362) (2023-01-17) ## CVEs Fixed – CVE-2023-21830 – CVE-2023-21843 ## Security Fixes – JDK-8285021: Improve CORBA communication – JDK-8286496: Improve Thread labels – JDK-8288516: Enhance font creation – JDK-8289350: Better media supports – JDK-8293554: Enhanced DH Key Exchanges – JDK-8293598: Enhance InetAddress
The newest upstream commit Security fix for CVE-2023-0288
Update to 109.0.5414.119. Fixes the following security issues: CVE-2023-0471 CVE-2023-0472 CVE-2023-0473 CVE-2023-0474
Fix CVE-2022-47021