2 weeks 3 days ago
FEDORA-2025-1746085e78
Packages in this update:
- python-setuptools-69.2.0-10.fc41
Update description:
Security fix for CVE-2025-47273
2 weeks 3 days ago
FEDORA-2025-1c17f3520b
Packages in this update:
- python-setuptools-74.1.3-7.fc42
Update description:
Security fix for CVE-2025-47273
2 weeks 3 days ago
USN-7555-1 fixed vulnerabilities in Django. The fix was incomplete.
This update applies an additional patch to fix it properly.
Original advisory details:
It was discovered that Django incorrectly handled certain
unescaped request paths. An attacker could possibly use this
issue to perform a log injection.
2 weeks 3 days ago
It was discovered that Python incorrectly handled certain unicode
characters during decoding. An attacker could possibly use this issue to
cause a denial of service. (CVE-2025-4516)
It was discovered that Python incorrectly handled unicode encoding of email
headers with list separators in folded lines. An attacker could possibly
use this issue to expose sensitive information. (CVE-2025-1795)
2 weeks 3 days ago
USN-7536-1 fixed vulnerabilities in cifs-utils. This update introduced a
regression in certain environments. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
It was discovered that cifs-utils incorrectly handled namespaces when
obtaining Kerberos credentials. An attacker could possibly use this issue
to obtain sensitive information.
2 weeks 3 days ago
FEDORA-EPEL-2025-3a9b0a638b
Packages in this update:
Update description:
Rebuild applications to apply two recent security updates:
- build with idna 1.0.0+ to address CVE-2024-12224 (idna accepts Punycode labels that do not produce any non-ASCII when decoded)
- build with crossbeam-channel 0.5.15+ to address CVE-2025-4574 (potential double-free on Drop)
2 weeks 3 days ago
FEDORA-2025-297c7ac7fe
Packages in this update:
- atuin-18.3.0-4.fc41
- awatcher-0.3.1-2.fc41
- gotify-desktop-1.3.7-5.fc41
- keylime-agent-rust-0.2.7-5.fc41
- mirrorlist-server-3.0.7-7.fc41
Update description:
Rebuild applications to apply two recent security updates:
- build with idna 1.0.0+ to address CVE-2024-12224 (idna accepts Punycode labels that do not produce any non-ASCII when decoded)
- build with crossbeam-channel 0.5.15+ to address CVE-2025-4574 (potential double-free on Drop)
2 weeks 3 days ago
FEDORA-2025-8a18a5a077
Packages in this update:
- atuin-18.3.0-4.fc42
- awatcher-0.3.1-2.fc42
- gotify-desktop-1.3.7-5.fc42
- mirrorlist-server-3.0.7-7.fc42
Update description:
Rebuild applications to apply two recent security updates:
- build with idna 1.0.0+ to address CVE-2024-12224 (idna accepts Punycode labels that do not produce any non-ASCII when decoded)
- build with crossbeam-channel 0.5.15+ to address CVE-2025-4574 (potential double-free on Drop)
2 weeks 3 days ago
FEDORA-2025-9f8cbb5e03
Packages in this update:
- atuin-18.3.0-4.fc43
- awatcher-0.3.1-2.fc43
- gotify-desktop-1.3.7-5.fc43
- mirrorlist-server-3.0.7-7.fc43
Update description:
Rebuild applications to apply two recent security updates:
- build with idna 1.0.0+ to address CVE-2024-12224 (idna accepts Punycode labels that do not produce any non-ASCII when decoded)
- build with crossbeam-channel 0.5.15+ to address CVE-2025-4574 (potential double-free on Drop)
2 weeks 3 days ago
Version:next-20250616 (linux-next)
Released:2025-06-16
2 weeks 3 days ago
It was discovered that Dojo did not correctly handle DataGrids. An
attacker could possibly use this issue to execute arbitrary code. This
issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.
(CVE-2018-15494)
It was discovered that Dojo was vulnerable to prototype pollution. An
attacker could possibly use this issue to execute arbitrary code.
(CVE-2021-23450)
Jonathan Leitschuh discovered that Dojo did not correctly sanitize
certain inputs. An attacker could possibly use this issue to execute a
cross-site scripting (XSS) attack. This issue only affected
Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.
(CVE-2019-10785, CVE-2020-4051)
2 weeks 3 days ago
Dennis Brinkrolf and Tobias Funke discovered that Requests did not
correctly handle certain HTTP headers. A remote attacker could possibly
use this issue to leak sensitive information. This issue only affected
Ubuntu 14.04 LTS. (CVE-2023-32681)
Juho Forsén discovered that Requests did not correctly parse URLs. A
remote attacker could possibly use this issue to leak sensitive
information. (CVE-2024-47081)
2 weeks 4 days ago
2 weeks 4 days ago
FEDORA-2025-6b4a9c1dd1
Packages in this update:
Update description:
Update to 7.9.1
2 weeks 4 days ago
FEDORA-2025-0533c67535
Packages in this update:
Update description:
Update to 7.9.1
2 weeks 4 days ago
FEDORA-EPEL-2025-c5e2b2171e
Packages in this update:
Update description:
Update to 7.9.1
2 weeks 4 days ago
FEDORA-EPEL-2025-b08324ec24
Packages in this update:
Update description:
Update to 7.9.1
2 weeks 4 days ago
FEDORA-2025-60e9097b77
Packages in this update:
- mingw-glib2-2.84.3-1.fc42
Update description:
FIx CVE-2025-6052.
2 weeks 4 days ago
FEDORA-2025-2c1425a4e4
Packages in this update:
- mingw-glib2-2.82.5-1.fc41
Update description:
FIx CVE-2025-6052.
2 weeks 5 days ago
FEDORA-2025-db489d66e3
Packages in this update:
- mingw-python-setuptools-78.1.1-1.fc42
Update description:
Update to 78.1.1, fixes CVE-2025-47273.