stb-0^20251025gitf1c79c0-2.el9
FEDORA-EPEL-2025-a91b94e5c1
Packages in this update:
- stb-0^20251025gitf1c79c0-2.el9
Patch two newly-reported memory-safety bugs in stb_image:
Aggregator
usd-25.02a-3.fc42
FEDORA-2025-073e4f7991
Packages in this update:
- usd-25.02a-3.fc42
Rebuilt with stb_image patched for two new security bugs.
stb-0^20251025gitf1c79c0-2.el10_1
FEDORA-EPEL-2025-632b8c5a36
Packages in this update:
- stb-0^20251025gitf1c79c0-2.el10_1
Patch two newly-reported memory-safety bugs in stb_image:
usd-25.08-10.fc43
FEDORA-2025-66db1eaeb8
Packages in this update:
- usd-25.08-10.fc43
Rebuilt with stb_image patched for two new security bugs.
USN-7889-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Media drivers;
- Network drivers;
- Netfilter;
- TLS protocol;
(CVE-2025-21729, CVE-2025-38227, CVE-2025-38616, CVE-2025-38678)
stb-0^20251025gitf1c79c0-2.el10_2
FEDORA-EPEL-2025-3c4c4e0490
Packages in this update:
- stb-0^20251025gitf1c79c0-2.el10_2
Patch two newly-reported memory-safety bugs in stb_image:
USN-7887-2: Linux kernel (Raspberry Pi) vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- ACPI drivers;
- Ublk userspace block driver;
- Clock framework and drivers;
- EDAC drivers;
- GPU drivers;
- IIO subsystem;
- InfiniBand drivers;
- Media drivers;
- MemoryStick subsystem;
- Network drivers;
- NTB driver;
- PCI subsystem;
- Remote Processor subsystem;
- Thermal drivers;
- Virtio Host (VHOST) subsystem;
- 9P distributed file system;
- File systems infrastructure;
- JFS file system;
- Network file system (NFS) server daemon;
- NTFS3 file system;
- SMB network file system;
- Memory management;
- RDMA verbs API;
- Kernel fork() syscall;
- Tracing infrastructure;
- Watch queue notification mechanism;
- Asynchronous Transfer Mode (ATM) subsystem;
- Networking core;
- IPv4 networking;
- IPv6 networking;
- Netfilter;
- Network traffic control;
- SCTP protocol;
- TLS protocol;
- SoC Audio for Freescale CPUs drivers;
(CVE-2023-53034, CVE-2024-58092, CVE-2025-22018, CVE-2025-22019,
CVE-2025-22020, CVE-2025-22021, CVE-2025-22025, CVE-2025-22027,
CVE-2025-22028, CVE-2025-22033, CVE-2025-22035, CVE-2025-22036,
CVE-2025-22038, CVE-2025-22039, CVE-2025-22040, CVE-2025-22041,
CVE-2025-22042, CVE-2025-22044, CVE-2025-22045, CVE-2025-22047,
CVE-2025-22050, CVE-2025-22053, CVE-2025-22054, CVE-2025-22055,
CVE-2025-22056, CVE-2025-22057, CVE-2025-22058, CVE-2025-22060,
CVE-2025-22062, CVE-2025-22063, CVE-2025-22064, CVE-2025-22065,
CVE-2025-22066, CVE-2025-22068, CVE-2025-22070, CVE-2025-22071,
CVE-2025-22072, CVE-2025-22073, CVE-2025-22075, CVE-2025-22079,
CVE-2025-22080, CVE-2025-22081, CVE-2025-22083, CVE-2025-22086,
CVE-2025-22089, CVE-2025-22090, CVE-2025-22095, CVE-2025-22097,
CVE-2025-23136, CVE-2025-23138, CVE-2025-37937, CVE-2025-38152,
CVE-2025-38240, CVE-2025-38575, CVE-2025-38637, CVE-2025-39682,
CVE-2025-39728, CVE-2025-39735, CVE-2025-40114, CVE-2025-40157)
stb-0^20251025gitf1c79c0-2.fc42
FEDORA-2025-7ea43a29f2
Packages in this update:
- stb-0^20251025gitf1c79c0-2.fc42
Patch two newly-reported memory-safety bugs in stb_image:
stb-0^20251025gitf1c79c0-2.fc43
FEDORA-2025-55bbd18c79
Packages in this update:
- stb-0^20251025gitf1c79c0-2.fc43
Patch two newly-reported memory-safety bugs in stb_image:
next-20251125: linux-next
Version:next-20251125 (linux-next)
Released:2025-11-25
DSA-6061-1 tryton-sao - security update
DSA-6062-1 pdfminer - security update
USN-7888-1: MuPDF vulnerabilities
It was discovered that MuPDF could be made to divide by zero. An attacker
could possibly use this issue to cause a denial of service.
(CVE-2023-51103, CVE-2023-51104, CVE-2023-51105, CVE-2023-51106)
It was discovered that MuPDF incorrectly handled memory under certain
circumstances, which could lead to a NULL pointer dereference. An
attacker could potentially use this issue to cause a denial of service.
(CVE-2024-46657)
It was discovered that MuPDF could enter an infinite recursion when
parsing certain PDF files. An attacker could possibly use this issue to
cause a denial of service. (CVE-2025-46206)
openbao-2.4.4-1.fc42
FEDORA-2025-6b2336ec55
Packages in this update:
- openbao-2.4.4-1.fc42
update to upstream 2.4.4, which fixed CVE-2025-64761
Adds hsm tag.
The fedora-42 build was done with golang-1.24.10 which fixed CVE-2025-58183.
openbao-2.4.4-1.fc43
FEDORA-2025-c7f4367479
Packages in this update:
- openbao-2.4.4-1.fc43
update to upstream 2.4.4, fixing CVE-2025-64761.
Adds hsm tag.
The fedora-43 build was done with golang-1.25.4 which fixed CVE-2025-58189, CVE-2025-58188, CVE-2025-61725, CVE-2025-61723, CVE-2025-58185, and CVE-2025-58183.
openbao-2.4.4-1.el10_1
FEDORA-EPEL-2025-001ad6132c
Packages in this update:
- openbao-2.4.4-1.el10_1
update to upstream 2.4.4 which fixed CVE-2025-64761
openbao-2.4.4-1.el9
FEDORA-EPEL-2025-054eae36ef
Packages in this update:
- openbao-2.4.4-1.el9
update to upstream 2.4.4 which fixed CVE-2025-64761
Adds hsm tag.
openbao-2.4.4-1.el10_2
FEDORA-EPEL-2025-fae772942c
Packages in this update:
- openbao-2.4.4-1.el10_2
update to upstream 2.4.4 which fixed CVE-2025-64761
Rebuild to add hsm tag.
openbao-2.4.4-1.fc41
FEDORA-2025-45a7dd8f10
Packages in this update:
- openbao-2.4.4-1.fc41
update to upstream 2.4.4, which fixed CVE-2025-64761
Adds hsm tag.
The fedora-41 build was done with golang-1.24.10 which fixed CVE-2025-58189, CVE-2025-61725, CVE-2025-61723, CVE-2025-58185, and CVE-2025-58183.
openbao-2.4.4-1.el8
FEDORA-EPEL-2025-0739431e45
Packages in this update:
- openbao-2.4.4-1.el8
update to upstream 2.4.4 which fixed CVE-2025-64761
Adds hsm tag.