next-20251030: linux-next
Version:next-20251030 (linux-next)
Released:2025-10-30
Aggregator
DSA-6046-1 chromium - security update
DSA-6047-1 squid - security update
USN-7848-1: AMD Microcode vulnerabilities
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores. A local attacker could possibly use
this issue to expose sensitive information. This update provides the
updated microcode mitigations required for the corresponding Linux kernel
update.
mupen64plus-2.6.0-8.fc41
FEDORA-2025-2406078e57
Packages in this update:
- mupen64plus-2.6.0-8.fc41
Patch CVE-2025-29366 and CVE-2025-29366
There should be no change in behaviour.
mupen64plus-2.6.0-8.fc43
FEDORA-2025-123e2abe71
Packages in this update:
- mupen64plus-2.6.0-8.fc43
Patch CVE-2025-29366 and CVE-2025-29366 There should be no change in behaviour.
mupen64plus-2.6.0-8.fc42
FEDORA-2025-7a40e176ed
Packages in this update:
- mupen64plus-2.6.0-8.fc42
Patch CVE-2025-29366 and CVE-2025-29366 There should be no change in behaviour.
unbound-1.24.1-1.fc43
FEDORA-2025-16df491a66
Packages in this update:
- unbound-1.24.1-1.fc43
- Enables DNS over QUIC server in unbound
- Fix CVE-2025-11411, (possible domain hijacking attack), reported by Yuxiao Wu, Yunyi Zhang, Baojun Liu and Haixin Duan from Tsinghua University.
USN-7847-1: GNU binutils vulnerabilities
It was discovered that GNU binutils incorrectly handled certain files.
An attacker could possibly use this issue to cause a crash or execute
arbitrary code. The attack is restricted to local execution.
(CVE-2025-11082)
It was discovered that GNU binutils incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a crash or
execute arbitrary code. (CVE-2025-11083, CVE-2025-5244, CVE-2025-5245,
CVE-2025-7554)
It was discovered that GNU binutils incorrectly handled certain files.
An attacker could possibly use this issue to cause crash, execute
arbitrary code or expose sensitive information. (CVE-2025-1147)
It was discovered that GNU binutils incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2025-1148, CVE-2025-3198, CVE-2025-8225
It was discovered that GNU binutils incorrectly handled certain files.
An attacker could possibly use this issue to cause a crash. This issue only
affected Ubuntu 25.04. (CVE-2025-1182)
It was discovered that GNU binutils incorrectly handled certain inputs.
An attacker could possibly use this issue to execute arbritrary code.
This issue only affected Ubuntu 25.04 and Ubuntu 24.04 LTS.
(CVE-2025-7546)
6.17.6: stable
Version:6.17.6 (stable)
Released:2025-10-29
Source:linux-6.17.6.tar.xz
PGP Signature:linux-6.17.6.tar.sign
Patch:full (incremental)
ChangeLog:ChangeLog-6.17.6
6.12.56: longterm
Version:6.12.56 (longterm)
Released:2025-10-29
Source:linux-6.12.56.tar.xz
PGP Signature:linux-6.12.56.tar.sign
Patch:full (incremental)
ChangeLog:ChangeLog-6.12.56
6.6.115: longterm
Version:6.6.115 (longterm)
Released:2025-10-29
Source:linux-6.6.115.tar.xz
PGP Signature:linux-6.6.115.tar.sign
Patch:full (incremental)
ChangeLog:ChangeLog-6.6.115
6.1.158: longterm
Version:6.1.158 (longterm)
Released:2025-10-29
Source:linux-6.1.158.tar.xz
PGP Signature:linux-6.1.158.tar.sign
Patch:full (incremental)
ChangeLog:ChangeLog-6.1.158
5.15.196: longterm
Version:5.15.196 (longterm)
Released:2025-10-29
Source:linux-5.15.196.tar.xz
PGP Signature:linux-5.15.196.tar.sign
Patch:full (incremental)
ChangeLog:ChangeLog-5.15.196
5.10.246: longterm
Version:5.10.246 (longterm)
Released:2025-10-29
Source:linux-5.10.246.tar.xz
PGP Signature:linux-5.10.246.tar.sign
Patch:full (incremental)
ChangeLog:ChangeLog-5.10.246
5.4.301: longterm
Version:5.4.301 (longterm)
Released:2025-10-29
Source:linux-5.4.301.tar.xz
PGP Signature:linux-5.4.301.tar.sign
Patch:full (incremental)
ChangeLog:ChangeLog-5.4.301
USN-7846-1: X.Org X Server vulnerabilities
Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled
certain memory operations. An attacker could use these issues to cause the
X Server to crash, leading to a denial of service, obtain sensitive
information, or possibly execute arbitrary code.
mingw-poppler-24.08.0-7.fc42
FEDORA-2025-591ef9306a
Packages in this update:
- mingw-poppler-24.08.0-7.fc42
Backport fix for CVE-2025.52885.
mingw-poppler-25.07.0-2.fc43
FEDORA-2025-8b329c399b
Packages in this update:
- mingw-poppler-25.07.0-2.fc43
Backport fix for CVE-2025.52885.
python-starlette-0.42.0-3.fc41
FEDORA-2025-10d2e6260b
Packages in this update:
- python-starlette-0.42.0-3.fc41
Backport security fix for CVE-2025-62727, GHSA-7f5h-v6xp-fcq8