fix CVE-2025-9165: memory leak in tiffcmp (rhbz#2389608)
Comment
Posts Tagged Fedora Linux Distribution – Security Advisories
2688 results.
fix CVE-2025-8534: null pointer dereference in tiff2ps (rhbz#2386494) fix CVE-2024-13978: null pointer dereference in tiff2pdf (rhbz#2386201)
Updated to 139.0.7258.138 CVE-2025-9132: Out of bounds write in V8
Python 3.13.7 is the seventh maintenance release of 3.13. 3.13.7 is an expedited release to fix a significant issue with the 3.13.6 release: gh-137583: Regression in ssl module between 3.13.5 and 3.13.6: reading from a TLS-encrypted connection blocks
Python 3.13.7 is the seventh maintenance release of 3.13. 3.13.7 is an expedited release to fix a significant issue with the 3.13.6 release: gh-137583: Regression in ssl module between 3.13.5 and 3.13.6: reading from a TLS-encrypted connection blocks
Security fixes Bumped the minimum github.com/go-viper/mapstructure/v2 version to 2.3.0 for GHSA-fv92-fjc5-jj9h or GO-2025-3787 Bumped the minimum github.com/NVIDIA/nvidia-container-toolkit version to 1.17.8 for CVE-2025-23266 and CVE-2025-23267
Update to release v1.31.12 Resolves: rhbz#2388412 Resolves: CVE-2025-5187: Nodes can delete themselves by adding an OwnerReference Upstream fix
Update to release v1.32.7 Resolves: rhbz#2388412 Resolves: CVE-2025-5187: Nodes can delete themselves by adding an OwnerReference Upstream fixes
Update to 1.67.0 Update to 1.66.0
Update to release v1.32.7 Resolves: rhbz#2388412 Resolves: CVE-2025-5187: Nodes can delete themselves by adding an OwnerReference Upstream fixes
Update to release v1.33.4 Resolves: rhbz#2388412 Fixes CVE-2025-5187: Nodes can delete themselves by adding an OwnerReference Upstream fixes
Update to release v1.31.12 Resolves: rhbz#2388412 Resolves: CVE-2025-5187: Nodes can delete themselves by adding an OwnerReference Upstream fix
Update to v1.136.0 Update to 1.135.2 Update to 1.135.0
Update to version 0.4.11. This version includes a fix for CVE-2025-55159, but there are zero packages in Fedora or EPEL that use the affected API, so no rebuilds are necessary.
CVE-2025-53537: HIGH CVE-2025-53538: HIGH
Security fix for CVE-2025-8194
Rebase due to a lot of CVE fixes
Updated to new upstream release (142.0)
Update to 1.26.3.
Update to 1.26.3.
Changes in v1.4.13: server: Cover edge-case in the EventFilter validation client: Cover edge-case in the UserTokenPolicy validation arch: Process delayed callbacks immediately via the nextCyclicTime plugins: Fixed memleak for scandir in OpenSSL SecurityPolicies
Changes in v1.4.13: server: Cover edge-case in the EventFilter validation client: Cover edge-case in the UserTokenPolicy validation arch: Process delayed callbacks immediately via the nextCyclicTime plugins: Fixed memleak for scandir in OpenSSL SecurityPolicies
2.1900 [Fixed] – CVE-2025-40918 (Insecure source of randomness), required addition of dependency on Crypt::URandom [Changed] – Modules Authen::SASL::Perl::CRAM_MD5, Authen::SASL::Perl::DIGEST_MD5 and Authen::SASL::CRAM_MD5 marked as deprecated based on the respective RFC
3.13.6 is the sixth maintenance release of 3.13, containing around 200 bugfixes, build improvements and documentation changes since 3.13.5. This update contains fix for https://www.cve.org/CVERecord?id=CVE-2025-8194
Update to 1.135.2 Update to 1.135.0
Resolve CVE-2025-7039 (Buffer Under-read on GLib through glib/gfileutils.c via get_tmp_file()) with several other bug fixes.
3.13.6 is the sixth maintenance release of 3.13, containing around 200 bugfixes, build improvements and documentation changes since 3.13.5. This update contains fix for https://www.cve.org/CVERecord?id=CVE-2025-8194
Backport fix for CVE-2025-54874.
Backport fix for CVE-2025-8194.