3 weeks 1 day ago
FEDORA-2024-8ffb095abb
Packages in this update:
Update description:
Upstream annoucement: WordPress 6.5.2 Maintenance and Security Release
Security updates included in this release
- A cross-site scripting (XSS) vulnerability affecting the Avatar block type; reported by John Blackbourn of the WordPress security team. Many thanks to Mat Rollings for assisting with the research.
Upstream announcement: WordPress 6.5 “Regina”
3 weeks 1 day ago
FEDORA-2024-e6d3143991
Packages in this update:
Update description:
Upstream annoucement: WordPress 6.5.2 Maintenance and Security Release
Security updates included in this release
- A cross-site scripting (XSS) vulnerability affecting the Avatar block type; reported by John Blackbourn of the WordPress security team. Many thanks to Mat Rollings for assisting with the research.
Upstream announcement: WordPress 6.5 “Regina”
3 weeks 1 day ago
FEDORA-EPEL-2024-7c7a65fa6c
Packages in this update:
Update description:
Upstream annoucement: WordPress 6.5.2 Maintenance and Security Release
Security updates included in this release
- A cross-site scripting (XSS) vulnerability affecting the Avatar block type; reported by John Blackbourn of the WordPress security team. Many thanks to Mat Rollings for assisting with the research.
Upstream announcement: WordPress 6.5 “Regina”
3 weeks 1 day ago
FEDORA-2024-0a2f144348
Packages in this update:
Update description:
WordPress 6.4.4 Security Release
Security updates included in this release
- A cross-site scripting (XSS) vulnerability affecting the Avatar block type; reported by John Blackbourn of the WordPress security team. Many thanks to Mat Rollings for assisting with the research.
3 weeks 1 day ago
USN-6719-1 fixed a vulnerability in util-linux. Unfortunately, it was
discovered that the fix did not fully address the issue. This update
removes the setgid permission bit from the wall and write utilities.
Original advisory details:
Skyler Ferrante discovered that the util-linux wall command did not filter
escape sequences from command line arguments. A local attacker could
possibly use this issue to obtain sensitive information.
3 weeks 2 days ago
FEDORA-2024-39d50cc975
Packages in this update:
Update description:
PHP version 8.2.18 (11 Apr 2024)
Core:
- Fixed bug GH-13612 (Corrupted memory in destructor with weak references). (nielsdos)
- Fixed bug GH-13784 (AX_GCC_FUNC_ATTRIBUTE failure). (Remi)
- Fixed bug GH-13670 (GC does not scale well with a lot of objects created in destructor). (Arnaud)
DOM:
- Add some missing ZPP checks. (nielsdos)
- Fix potential memory leak in XPath evaluation results. (nielsdos)
- Fix phpdoc for DOMDocument load methods. (VincentLanglet)
FPM
- Fix incorrect check in fpm_shm_free(). (nielsdos)
GD:
- Fixed bug GH-12019 (add GDLIB_CFLAGS in feature tests). (Michael Orlitzky)
Gettext:
- Fixed sigabrt raised with dcgettext/dcngettext calls with gettext 0.22.5 with category set to LC_ALL. (David Carlier)
MySQLnd:
- Fix GH-13452 (Fixed handshake response [mysqlnd]). (Saki Takamachi)
- Fix incorrect charset length in check_mb_eucjpms(). (nielsdos)
Opcache:
- Fixed GH-13508 (JITed QM_ASSIGN may be optimized out when op1 is null). (Arnaud, Dmitry)
- Fixed GH-13712 (Segmentation fault for enabled observers when calling trait method of internal trait when opcache is loaded). (Bob)
PDO:
- Fix various PDORow bugs. (Girgias)
Random:
- Fixed bug GH-13544 (Pre-PHP 8.2 compatibility for mt_srand with unknown modes). (timwolla)
- Fixed bug GH-13690 (Global Mt19937 is not properly reset in-between requests when MT_RAND_PHP is used). (timwolla)
Session:
- Fixed bug GH-13680 (Segfault with session_decode and compilation error). (nielsdos)
Sockets:
- Fixed bug GH-13604 (socket_getsockname returns random characters in the end of the socket name). (David Carlier)
SPL:
- Fixed bug GH-13531 (Unable to resize SplfixedArray after being unserialized in PHP 8.2.15). (nielsdos)
- Fixed bug GH-13685 (Unexpected null pointer in zend_string.h). (nielsdos)
Standard:
- Fixed bug GH-11808 (Live filesystem modified by tests). (nielsdos)
- Fixed GH-13402 (Added validation of \n in $additional_headers of mail()). (SakiTakamachi)
- Fixed bug GH-13203 (file_put_contents fail on strings over 4GB on Windows). (divinity76)
- Fixed bug GHSA-pc52-254m-w9w7 (Command injection via array-ish $command parameter of proc_open). (CVE-2024-1874) (Jakub Zelenka)
- Fixed bug GHSA-wpj3-hf5j-x4v4 (__Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix). (CVE-2024-2756) (nielsdos)
- Fixed bug GHSA-h746-cjrr-wfmr (password_verify can erroneously return true, opening ATO risk). (CVE-2024-3096) (Jakub Zelenka)
XML:
- Fixed bug GH-13517 (Multiple test failures when building with --with-expat). (nielsdos)
3 weeks 2 days ago
FEDORA-2024-b46619f761
Packages in this update:
Update description:
PHP version 8.2.18 (11 Apr 2024)
Core:
- Fixed bug GH-13612 (Corrupted memory in destructor with weak references). (nielsdos)
- Fixed bug GH-13784 (AX_GCC_FUNC_ATTRIBUTE failure). (Remi)
- Fixed bug GH-13670 (GC does not scale well with a lot of objects created in destructor). (Arnaud)
DOM:
- Add some missing ZPP checks. (nielsdos)
- Fix potential memory leak in XPath evaluation results. (nielsdos)
- Fix phpdoc for DOMDocument load methods. (VincentLanglet)
FPM
- Fix incorrect check in fpm_shm_free(). (nielsdos)
GD:
- Fixed bug GH-12019 (add GDLIB_CFLAGS in feature tests). (Michael Orlitzky)
Gettext:
- Fixed sigabrt raised with dcgettext/dcngettext calls with gettext 0.22.5 with category set to LC_ALL. (David Carlier)
MySQLnd:
- Fix GH-13452 (Fixed handshake response [mysqlnd]). (Saki Takamachi)
- Fix incorrect charset length in check_mb_eucjpms(). (nielsdos)
Opcache:
- Fixed GH-13508 (JITed QM_ASSIGN may be optimized out when op1 is null). (Arnaud, Dmitry)
- Fixed GH-13712 (Segmentation fault for enabled observers when calling trait method of internal trait when opcache is loaded). (Bob)
PDO:
- Fix various PDORow bugs. (Girgias)
Random:
- Fixed bug GH-13544 (Pre-PHP 8.2 compatibility for mt_srand with unknown modes). (timwolla)
- Fixed bug GH-13690 (Global Mt19937 is not properly reset in-between requests when MT_RAND_PHP is used). (timwolla)
Session:
- Fixed bug GH-13680 (Segfault with session_decode and compilation error). (nielsdos)
Sockets:
- Fixed bug GH-13604 (socket_getsockname returns random characters in the end of the socket name). (David Carlier)
SPL:
- Fixed bug GH-13531 (Unable to resize SplfixedArray after being unserialized in PHP 8.2.15). (nielsdos)
- Fixed bug GH-13685 (Unexpected null pointer in zend_string.h). (nielsdos)
Standard:
- Fixed bug GH-11808 (Live filesystem modified by tests). (nielsdos)
- Fixed GH-13402 (Added validation of \n in $additional_headers of mail()). (SakiTakamachi)
- Fixed bug GH-13203 (file_put_contents fail on strings over 4GB on Windows). (divinity76)
- Fixed bug GHSA-pc52-254m-w9w7 (Command injection via array-ish $command parameter of proc_open). (CVE-2024-1874) (Jakub Zelenka)
- Fixed bug GHSA-wpj3-hf5j-x4v4 (__Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix). (CVE-2024-2756) (nielsdos)
- Fixed bug GHSA-h746-cjrr-wfmr (password_verify can erroneously return true, opening ATO risk). (CVE-2024-3096) (Jakub Zelenka)
XML:
- Fixed bug GH-13517 (Multiple test failures when building with --with-expat). (nielsdos)
3 weeks 2 days ago
FEDORA-2024-5e8ae0def0
Packages in this update:
Update description:
PHP version 8.3.6 (11 Apr 2024)
Core:
- Fixed GH-13569 (GC buffer unnecessarily grows up to GC_MAX_BUF_SIZE when scanning WeakMaps). (Arnaud)
- Fixed bug GH-13612 (Corrupted memory in destructor with weak references). (nielsdos)
- Fixed bug GH-13446 (Restore exception handler after it finishes). (ilutov)
- Fixed bug GH-13784 (AX_GCC_FUNC_ATTRIBUTE failure). (Remi)
- Fixed bug GH-13670 (GC does not scale well with a lot of objects created in destructor). (Arnaud)
DOM:
- Add some missing ZPP checks. (nielsdos)
- Fix potential memory leak in XPath evaluation results. (nielsdos)
FPM:
- Fixed GH-11086 (FPM: config test runs twice in daemonised mode). (Jakub Zelenka)
- Fix incorrect check in fpm_shm_free(). (nielsdos)
GD:
- Fixed bug GH-12019 (add GDLIB_CFLAGS in feature tests). (Michael Orlitzky)
Gettext:
- Fixed sigabrt raised with dcgettext/dcngettext calls with gettext 0.22.5 with category set to LC_ALL. (David Carlier)
MySQLnd:
- Fix GH-13452 (Fixed handshake response [mysqlnd]). (Saki Takamachi)
- Fix incorrect charset length in check_mb_eucjpms(). (nielsdos)
Opcache:
- Fixed GH-13508 (JITed QM_ASSIGN may be optimized out when op1 is null). (Arnaud, Dmitry)
- Fixed GH-13712 (Segmentation fault for enabled observers when calling trait method of internal trait when opcache is loaded). (Bob)
Random:
- Fixed bug GH-13544 (Pre-PHP 8.2 compatibility for mt_srand with unknown modes). (timwolla)
- Fixed bug GH-13690 (Global Mt19937 is not properly reset in-between requests when MT_RAND_PHP is used). (timwolla)
Session:
- Fixed bug GH-13680 (Segfault with session_decode and compilation error). (nielsdos)
SPL:
- Fixed bug GH-13685 (Unexpected null pointer in zend_string.h). (nielsdos)
Standard:
- Fixed bug GH-11808 (Live filesystem modified by tests). (nielsdos)
- Fixed GH-13402 (Added validation of \n in $additional_headers of mail()). (SakiTakamachi)
- Fixed bug GH-13203 (file_put_contents fail on strings over 4GB on Windows). (divinity76)
- Fixed bug GHSA-pc52-254m-w9w7 (Command injection via array-ish $command parameter of proc_open). (CVE-2024-1874) (Jakub Zelenka)
- Fixed bug GHSA-wpj3-hf5j-x4v4 (__Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix). (CVE-2024-2756) (nielsdos)
- Fixed bug GHSA-h746-cjrr-wfmr (password_verify can erroneously return true, opening ATO risk). (CVE-2024-3096) (Jakub Zelenka) Fixed bug GHSA-fjp9-9hwx-59fq (mb_encode_mimeheader runs endlessly for some inputs). (CVE-2024-2757) (Alex Dowad)
- Fix bug GH-13932 (Attempt to fix mbstring on windows build) (msvc). (David Carlier)
3 weeks 2 days ago
Version:next-20240410 (linux-next)
Released:2024-04-10
3 weeks 2 days ago
FEDORA-2024-bbb141c1ed
Packages in this update:
Update description:
Security fix for CVE-2024-24576 (Windows command injection)
3 weeks 2 days ago
FEDORA-2024-ab4573fb3b
Packages in this update:
Update description:
Security fix for CVE-2024-24576 (Windows command injection)
3 weeks 2 days ago
FEDORA-2024-6bc17db348
Packages in this update:
Update description:
Security fix for CVE-2024-24576 (Windows command injection)
3 weeks 2 days ago
FEDORA-2024-3534c44ef9
Packages in this update:
Update description:
Automatic update for rust-1.77.2-1.fc41.
Changelog
* Tue Apr 9 2024 Josh Stone <
jistone@redhat.com> - 1.77.2-1
- Update to 1.77.2; Fixes RHBZ#2274248 CVE-2024-24576
3 weeks 2 days ago
FEDORA-2024-4357ec611d
Packages in this update:
Update description:
x86: Native Branch History Injection [XSA-456, CVE-2024-2201]
update to xen 4.17.4, remove patches now included upstream
rebase xen.gcc12.fixes.patch
x86 HVM hypercalls may trigger Xen bug check [XSA-454, CVE-2023-46842]
x86: Incorrect logic for BTC/SRSO mitigations [XSA-455, CVE-2024-31142]
3 weeks 2 days ago
FEDORA-2024-a46df5ba2f
Packages in this update:
Update description:
x86: Native Branch History Injection [XSA-456, CVE-2024-2201]
update to xen 4.18.2, remove patches now included upstream
x86 HVM hypercalls may trigger Xen bug check [XSA-454, CVE-2023-46842]
x86: Incorrect logic for BTC/SRSO mitigations [XSA-455, CVE-2024-31142]
3 weeks 2 days ago
USN-6721-1 fixed vulnerabilities in X.Org X Server. That fix was incomplete
resulting in a regression. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
It was discovered that X.Org X Server incorrectly handled certain data.
An attacker could possibly use this issue to expose sensitive information.
(CVE-2024-31080, CVE-2024-31081, CVE-2024-31082)
It was discovered that X.Org X Server incorrectly handled certain glyphs.
An attacker could possibly use this issue to cause a crash or expose sensitive
information. (CVE-2024-31083)
3 weeks 2 days ago
3 weeks 2 days ago
FEDORA-2024-f9ce536a3e
Packages in this update:
Update description:
Select correct Emacs binary on X11.
Obsolete the newer emacs-nox now in F39, fixing system upgrades
New upstream release 29.3, fixes rhbz#2271287
3 weeks 2 days ago
Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did
not properly perform permissions checks when handling HCI sockets. A
physically proximate attacker could use this to cause a denial of service
(bluetooth communication). (CVE-2023-2002)
It was discovered that the NVIDIA Tegra XUSB pad controller driver in the
Linux kernel did not properly handle return values in certain error
conditions. A local attacker could use this to cause a denial of service
(system crash). (CVE-2023-23000)
It was discovered that Spectre-BHB mitigations were missing for Ampere
processors. A local attacker could potentially use this to expose sensitive
information. (CVE-2023-3006)
It was discovered that the ext4 file system implementation in the Linux
kernel did not properly handle block device modification while it is
mounted. A privileged attacker could use this to cause a denial of service
(system crash) or possibly expose sensitive information. (CVE-2023-34256)
Eric Dumazet discovered that the netfilter subsystem in the Linux kernel
did not properly handle DCCP conntrack buffers in certain situations,
leading to an out-of-bounds read vulnerability. An attacker could possibly
use this to expose sensitive information (kernel memory). (CVE-2023-39197)
It was discovered that the Siano USB MDTV receiver device driver in the
Linux kernel did not properly handle device initialization failures in
certain situations, leading to a use-after-free vulnerability. A physically
proximate attacker could use this cause a denial of service (system crash).
(CVE-2023-4132)
Pratyush Yadav discovered that the Xen network backend implementation in
the Linux kernel did not properly handle zero length data request, leading
to a null pointer dereference vulnerability. An attacker in a guest VM
could possibly use this to cause a denial of service (host domain crash).
(CVE-2023-46838)
It was discovered that a race condition existed in the AppleTalk networking
subsystem of the Linux kernel, leading to a use-after-free vulnerability. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2023-51781)
Alon Zahavi discovered that the NVMe-oF/TCP subsystem of the Linux kernel
did not properly handle connect command payloads in certain situations,
leading to an out-of-bounds read vulnerability. A remote attacker could use
this to expose sensitive information (kernel memory). (CVE-2023-6121)
It was discovered that the ext4 file system implementation in the Linux
kernel did not properly handle the remount operation in certain cases,
leading to a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or possibly expose sensitive
information. (CVE-2024-0775)
Notselwyn discovered that the netfilter subsystem in the Linux kernel did
not properly handle verdict parameters in certain cases, leading to a use-
after-free vulnerability. A local attacker could use this to cause a denial
of service (system crash) or possibly execute arbitrary code.
(CVE-2024-1086)
It was discovered that a race condition existed in the SCSI Emulex
LightPulse Fibre Channel driver in the Linux kernel when unregistering FCF
and re-scanning an HBA FCF table, leading to a null pointer dereference
vulnerability. A local attacker could use this to cause a denial of service
(system crash). (CVE-2024-24855)
3 weeks 2 days ago
Pratyush Yadav discovered that the Xen network backend implementation in
the Linux kernel did not properly handle zero length data request, leading
to a null pointer dereference vulnerability. An attacker in a guest VM
could possibly use this to cause a denial of service (host domain crash).
(CVE-2023-46838)
It was discovered that the IPv6 implementation of the Linux kernel did not
properly manage route cache memory usage. A remote attacker could use this
to cause a denial of service (memory exhaustion). (CVE-2023-52340)
It was discovered that the device mapper driver in the Linux kernel did not
properly validate target size during certain memory allocations. A local
attacker could use this to cause a denial of service (system crash).
(CVE-2023-52429, CVE-2024-23851)
Dan Carpenter discovered that the netfilter subsystem in the Linux kernel
did not store data in properly sized memory locations. A local user could
use this to cause a denial of service (system crash). (CVE-2024-0607)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Architecture specifics;
- Cryptographic API;
- Android drivers;
- EDAC drivers;
- GPU drivers;
- Media drivers;
- MTD block device drivers;
- Network drivers;
- NVME drivers;
- TTY drivers;
- Userspace I/O drivers;
- F2FS file system;
- GFS2 file system;
- IPv6 Networking;
- AppArmor security module;
(CVE-2023-52464, CVE-2023-52448, CVE-2023-52457, CVE-2023-52443,
CVE-2023-52439, CVE-2023-52612, CVE-2024-26633, CVE-2024-26597,
CVE-2023-52449, CVE-2023-52444, CVE-2023-52609, CVE-2023-52469,
CVE-2023-52445, CVE-2023-52451, CVE-2023-52470, CVE-2023-52454,
CVE-2023-52436, CVE-2023-52438)