New upstream release with bug and security fixes. Also, consolidates duplicate pakages marked and nodejs-marked. I tested upgrades from both, but may have missed some wonky situation.
Posts Tagged Fedora Linux Distribution – Security Advisories
New upstream release with bug and security fixes. Also, consolidates duplicate pakages marked and nodejs-marked. I tested upgrades from both, but may have missed some wonky situation.
New version 3.2.4, enabled build with androiddump.
## Python 3.8.3 This is the third maintenance release of Python 3.8. See [the c hangelog](https://docs.python.org/release/3.8.3/whatsnew/changelog.html#changelo g) for details. Contains the security fix for CVE-2020-8492.
Fix cvws CVE-2020-10726,CVE-2020-10724,CVE-2020-10723,CVE-2020-10722,CVE-2020-10725
– fixes CVE-2020-12667
– CVE-2020-10957: lmtp/submission: A client can crash the server by sending a NOOP command with an invalid string parameter. This occurs particularly for a parameter that doesn’t start with a double quote. This applies to all SMTP services, including submission-login, which makes it possible to crash the submission service without authentication. – CVE-2020-10958: lmtp/submission:
Security fix for CVE-2020-12662 and CVE-2020-12663
Backported patch for CVE-2018-10756.
Latest upstream release fixing security issues.
Exclude arch s390x on el8 —- Update from upstream
Exclude arch s390x on el8 —- Update from upstream
### python-markdown2 2.3.9 ### – [pull #335] Added header support for wiki tables – [pull #336] Reset _toc when convert is run – [pull #353] XSS fix – [pull #350] XSS fix
The 5.6.14 stable kernel update contains a number of important fixes across the tree
Security fix for CVE-2018-1285
Update to 8.10 release (CVE-2020-12823)
**PHP version 7.3.18** (14 May 2020) **Core:** * Fixed bug php#78875 (Long filenames cause OOM and temp files are not cleaned). (**CVE-2019-11048**) (cmb) * Fixed bug php#78876 (Long variables in multipart/form-data cause OOM and temp files are not cleaned). (**CVE-2019-11048**) (cmb) * Fixed bug php#79434 (PHP 7.3 and PHP-7.4 crash with NULL-pointer dereference on !CS constant). (Nikita) *
**PHP version 7.3.18** (14 May 2020) **Core:** * Fixed bug php#78875 (Long filenames cause OOM and temp files are not cleaned). (**CVE-2019-11048**) (cmb) * Fixed bug php#78876 (Long variables in multipart/form-data cause OOM and temp files are not cleaned). (**CVE-2019-11048**) (cmb) * Fixed bug php#79434 (PHP 7.3 and PHP-7.4 crash with NULL-pointer dereference on !CS constant). (Nikita) *
Update to Ruby 2.6.6. Also fixes CVE-2020-10933 and CVE-2020-10663.
New upstream release with fixes for CVEs and other enhancements.
New upstream release with fixes for CVEs and other enhancements.
New upstream release with fixes for CVEs and other enhancements.
The 5.6.13 stable kernel update contains a number of important fixes across the tree —- The 5.6.12 stable update contains a number of important fixes across the tree.
Latest upstream.
This package fixes a security issue that allowed for _method query parameters to be used with GET requests. The fix is backported from Mojolicious v8.42.
This package fixes a security issue that allowed for _method query parameters to be used with GET requests. The fix is backported from Mojolicious v8.42.
Update to OpenJDK 8u252 (April Critical Patch Update) – JDK-8223898, CVE-2020-2754: Forward references to Nashorn – JDK-8223904, CVE-2020-2755: Improve Nashorn matching – JDK-8224541, CVE-2020-2756: Better mapping of serial ENUMs – JDK-8224549, CVE-2020-2757: Less Blocking Array Queues – JDK-8225603: Enhancement for big integers – JDK-8227542: Manifest improved jar headers –
Update to latest upstream 8.8.8
8u252 update
Update to latest upstream 8.8.8