Rebase to radare2-4.2.1 and cutter-re 1.10.1. It fixes CVE-2019-19590 and CVE-2019-19547. It also fix a problem in cutter-re that did not display the window icon on Wayland.
Posts Tagged Fedora Linux Distribution – Security Advisories
**Horde_Data 2.1.5** * [jan] Fix Remote Code Execution vulnerability (CVE-2020-8518, Reported by: Andrea Cardaci/SSD).
Security fix for CVE-2019-14494.
Add patch for CVE-2020-6750 and related issues.
Update to Node.js 12.15.0
libasr-1.0.4, opensmtpd-6.6.2p1 update
Update to Node.js 12.15.0
libasr-1.0.4, opensmtpd-6.6.2p1 update
libasr-1.0.4, opensmtpd-6.6.2p1 update
Update to Node.js 12.15.0
libasr-1.0.4, opensmtpd-6.6.2p1 update
Resolve buffer overflow in TexOpen() function, CVE-2019-19601
Resolves: #1796107, #1796109 – Security fix for CVE-2019-19921
– Use Apple upstream instead of non-fresh Github one – New upstream in 1.8 dev branch with 417.1 subversion – Close CVE-2018-17093 – Close CVE-2018-17094 – Close CVE-2017-11124 – Close CVE-2017-11125 – Close CVE-2010-3798 – Use license macro – Add OpenSSL To Configuration
3.96, multiple security fixes. —- Patch for CVE-2019-20021
This update incorporates fixes from the upstream glibc 2.29 stable release branch, including a fix for a minor security vulnerability ([`LD_PREFER_MAP_32BIT_EXEC` not ignored in setuid binaries](https://bugzilla.redhat.com/show_bug.cgi?id=1774682)).
Update to the January 2020 CPU release 11.0.6. See: http://mail.openjdk.java.net/pipermail/jdk-updates-dev/2020-January/002374.html https://openjdk.java.net/groups/vulnerability/advisories/2020-01-14
Fixes **CVE-2017-18189**.
3.96, multiple security fixes. —- Patch for CVE-2019-20021
– Use Apple upstream instead of non-fresh Github one – New upstream in 1.8 dev branch with 417.1 subversion – Close CVE-2018-17093 – Close CVE-2018-17094 – Close CVE-2017-11124 – Close CVE-2017-11125 – Close CVE-2010-3798 – Use license macro – Add OpenSSL To Configuration
This update fixes CVE-2020-6851.
Fix a potential out of bounds write when checking a maliciously corrupted file system. This is probably not exploitable on 64-bit platforms, but may be exploitable on 32-bit binaries depending on how the compiler lays out the stack variables. (Addresses CVE-2019-5188) A maliciously corrupted file systems can trigger buffer overruns in the quota code used by e2fsck. (Addresses
This update fixes CVE-2020-6851.
January 2020 CPU security update. See http://mail.openjdk.java.net/pipermail/jdk8u-dev/2020-January/010979.html https://openjdk.java.net/groups/vulnerability/advisories/2020-01-14
* Fix issues while trying to play a video on NextCloud. * Make sure the GL video sink uses a valid WebKit shared GL context. * Fix vertical alignment of text containing arabic diacritics. * Fix build with icu 65.1. * Fix page loading errors with websites using HSTS. * Fix web process crash when displaying a KaTeX formula. * Fix several crashes and rendering issues. [WebKitGTK Security
* Fix issues while trying to play a video on NextCloud. * Make sure the GL video sink uses a valid WebKit shared GL context. * Fix vertical alignment of text containing arabic diacritics. * Fix build with icu 65.1. * Fix page loading errors with websites using HSTS. * Fix web process crash when displaying a KaTeX formula. * Fix several crashes and rendering issues. [WebKitGTK Security
Update to 79.0.3945.130. Fixes the following security issues: * CVE-2020-6378 * CVE-2020-6379 * CVE-2020-6380
This is January 2020 OpenJDK security update for java-latest-openjdk packages. The sources are updated to the 13.0.2+8 tag.
Update to latest upstream version, see following page for changes: https://www.mozilla.org/en-US/thunderbird/38.1.0/releasenotes/ This update also should fixed problems with thunderbird-lightning-gdata package. Rebase to Thunderbird 38. By this release thunderbird-lightning (calendar) package has become obsolete, because it is a part of Thunderbird 38 package now. For changes see: https://www.mozilla.org/en-US/thunderbird/38.0.1/releasenotes/ [More…]
Update to latest upstream version, see following page for changes: https://www.mozilla.org/en-US/thunderbird/38.1.0/releasenotes/ This update also should fixed problems with thunderbird-lightning-gdata package. Rebase to Thunderbird 38. By this release thunderbird-lightning (calendar) package has become obsolete, because it is a part of Thunderbird 38 package now. For changes see: https://www.mozilla.org/en-US/thunderbird/38.0.1/releasenotes/ [More…]