fvwm3-1.1.4-1.fc42
FEDORA-2025-f7d7958683
Packages in this update:
- fvwm3-1.1.4-1.fc42
FVWM3 ver. 1.1.4
Aggregator
fvwm3-1.1.4-1.fc41
FEDORA-2025-c0d54269e6
Packages in this update:
- fvwm3-1.1.4-1.fc41
FVWM3 ver. 1.1.4
fvwm3-1.1.4-1.fc43
FEDORA-2025-a5cdd30644
Packages in this update:
- fvwm3-1.1.4-1.fc43
FVWM3 ver. 1.1.4
xmedcon-0.25.3-1.fc42
FEDORA-2025-805b8f571a
Packages in this update:
- xmedcon-0.25.3-1.fc42
upgraded to 0.25.3 fixes open bugs, CVEs, etc
xmedcon-0.25.3-1.fc43
FEDORA-2025-977a26e133
Packages in this update:
- xmedcon-0.25.3-1.fc43
upgraded to 0.25.3 fixes open bugs, CVEs, etc
xmedcon-0.25.3-1.fc41
FEDORA-2025-9d4a8ab586
Packages in this update:
- xmedcon-0.25.3-1.fc41
upgraded to 0.25.3 fixes open bugs, CVEs, etc
suricata-7.0.13-1.fc42
FEDORA-2025-0490389cb0
Packages in this update:
- suricata-7.0.13-1.fc42
upstream bugfix/security release
chromium-142.0.7444.134-1.fc41
FEDORA-2025-671d7aa1ba
Packages in this update:
- chromium-142.0.7444.134-1.fc41
Update to 142.0.7444.134
* High CVE-2025-12725: Out of bounds write in WebGPU * High CVE-2025-12726: Inappropriate implementation in Views * High CVE-2025-12727: Inappropriate implementation in V8 * Medium CVE-2025-12728: Inappropriate implementation in Omnibox * Medium CVE-2025-12729: Inappropriate implementation in Omniboxchromium-142.0.7444.134-1.el9
FEDORA-EPEL-2025-35c67d93f9
Packages in this update:
- chromium-142.0.7444.134-1.el9
Update to 142.0.7444.134
* High CVE-2025-12725: Out of bounds write in WebGPU * High CVE-2025-12726: Inappropriate implementation in Views * High CVE-2025-12727: Inappropriate implementation in V8 * Medium CVE-2025-12728: Inappropriate implementation in Omnibox * Medium CVE-2025-12729: Inappropriate implementation in Omniboxchromium-142.0.7444.134-1.fc43
FEDORA-2025-97961060e1
Packages in this update:
- chromium-142.0.7444.134-1.fc43
Update to 142.0.7444.134
* High CVE-2025-12725: Out of bounds write in WebGPU * High CVE-2025-12726: Inappropriate implementation in Views * High CVE-2025-12727: Inappropriate implementation in V8 * Medium CVE-2025-12728: Inappropriate implementation in Omnibox * Medium CVE-2025-12729: Inappropriate implementation in Omniboxchromium-142.0.7444.134-1.el10_2
FEDORA-EPEL-2025-bcf0aee791
Packages in this update:
- chromium-142.0.7444.134-1.el10_2
Update to 142.0.7444.134
* High CVE-2025-12725: Out of bounds write in WebGPU * High CVE-2025-12726: Inappropriate implementation in Views * High CVE-2025-12727: Inappropriate implementation in V8 * Medium CVE-2025-12728: Inappropriate implementation in Omnibox * Medium CVE-2025-12729: Inappropriate implementation in Omniboxsuricata-7.0.13-1.fc43
FEDORA-2025-a366512b23
Packages in this update:
- suricata-7.0.13-1.fc43
Upstream security/bugfix release.
python-pdfminer-20240706-2.el9
FEDORA-EPEL-2025-a52b9deb70
Packages in this update:
- python-pdfminer-20240706-2.el9
Backport security fix for GHSA-wf5f-4jwr-ppcp / CVE-2025-64512
python-pdfminer-20240706-3.fc41
FEDORA-2025-d019d16668
Packages in this update:
- python-pdfminer-20240706-3.fc41
Backport security fix for GHSA-wf5f-4jwr-ppcp / CVE-2025-64512
python-pdfminer-20240706-4.fc42
FEDORA-2025-453047be66
Packages in this update:
- python-pdfminer-20240706-4.fc42
Backport security fix for GHSA-wf5f-4jwr-ppcp / CVE-2025-64512
python-pdfminer-20251107-1.el10_1
FEDORA-EPEL-2025-bc46c9a9b9
Packages in this update:
- python-pdfminer-20251107-1.el10_1
Update to 20251107
Fix: arbitary code execution when loading pickle font files
Security fix for GHSA-wf5f-4jwr-ppcp
python-pdfminer-20251107-1.el10_2
FEDORA-EPEL-2025-58acb12ebc
Packages in this update:
- python-pdfminer-20251107-1.el10_2
Update to 20251107
Fix: arbitary code execution when loading pickle font files
Security fix for GHSA-wf5f-4jwr-ppcp
python-pdfminer-20251107-1.fc43
FEDORA-2025-63872f52bb
Packages in this update:
- python-pdfminer-20251107-1.fc43
Update to 20251107
Fix: arbitary code execution when loading pickle font files
Security fix for GHSA-wf5f-4jwr-ppcp
USN-7853-3: Linux kernel (Azure) vulnerabilities
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered
that the Linux kernel contained insufficient branch predictor isolation
between a guest and a userspace hypervisor for certain processors. This
flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this
to expose sensitive information from the host OS. (CVE-2025-40300)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- DMA engine subsystem;
- GPU drivers;
- HSI subsystem;
- Ethernet team driver;
- Ext4 file system;
- Timer subsystem;
- DCCP (Datagram Congestion Control Protocol);
- IPv6 networking;
- NET/ROM layer;
- SCTP protocol;
- USB sound devices;
(CVE-2023-52574, CVE-2023-52650, CVE-2024-41006, CVE-2024-50006,
CVE-2024-50299, CVE-2024-53124, CVE-2024-53150, CVE-2024-56767,
CVE-2025-37838, CVE-2025-38352)
bind9-next-9.21.14-2.fc42
FEDORA-2025-d9f9394ecd
Packages in this update:
- bind9-next-9.21.14-2.fc42
- DNSSEC validation fails if matching but invalid DNSKEY is found. (CVE-2025-8677)
- Address various spoofing attacks. (CVE-2025-40778)
- Cache-poisoning due to weak pseudo-random number generator. (CVE-2025-40780)
- Add dnssec-policy keys configuration check to named-checkconf.
- Add support for synthetic records.
- Support for zone-specific plugins.
- Support for additional tokens in the zone file name template.
- Remove randomized RRset ordering.
and bug fixes
https://downloads.isc.org/isc/bind9/9.21.14/doc/arm/html/notes.html#notes-for-bind-9-21-14