Aggregator

roundcubemail-1.7.1-1.fc44

Fedora Security Advisories
1 week 5 days ago
FEDORA-2026-2b956d89d3 Packages in this update:
  • roundcubemail-1.7.1-1.fc44
Update description: Release 1.7.1
  • Enigma: Support automatic public key lookup (import) using HKP v1 protocol (#5314)
  • Managesieve: Fix error when a mail message contains duplicate List-Id header (#10186)
  • Clarified Elastic installation instructions (#10163)
  • Added HTMLFormElement.requestSubmit() polyfill for older browsers (#10179)
  • Fix so "has:attachment" search uses $HasAttachment/$HasNoAttachment keywords (#10168)
  • Fix potential too long value in IMAP ID command (#10136)
  • Fix redis/memcache disconnection in rcube::sleep() (#10127)
  • Fix so static resources, e.g. skin_logo can be put inside the public_html directory (#10160)
  • Fix so REQUEST_URI is used as a fallback if PATH_INFO is not set in static.php (#10181)
  • Fix assets_path feature and remove dependency on PATH_INFO (#10185)
  • Fix MySQL upgrade on MySQL < 8.0 and MariaDB < 10.5.3 (#10188)
  • Security: Fix stored XSS/HTML/CSS injection in subject field of the draft restore dialog
  • Security: Fix CSS injection bypass in HTML sanitizer via SVG <animate attributeName="style">
  • Security: Fix pre-auth SQL injection in virtuser_query plugin via preg_replace backslash escape bypass
  • Security: Fix SSRF bypass via specific local address URLs
  • Security: Fix bypass of remote image blocking via CSS var()
  • Security: Fix local/private URL fetch bypass when remote resources were not allowed
  • Security: Fix pre-auth arbitrary file delete via redis/memcache session poisoning bypass
  • Security: Fix code injection vulnerability - remove support for code evaluation in LDAP autovalues option

perl-Catalyst-Plugin-Authentication-0.10026-1.fc43

Fedora Security Advisories
1 week 6 days ago
FEDORA-2026-af4f5feae8 Packages in this update:
  • perl-Catalyst-Plugin-Authentication-0.10026-1.fc43
Update description:

Catalyst::Plugin::Authentication versions through 0.10024 for Perl is susceptible to timing attacks since these versions use Perl's built-in eq comparison. Discrepencies in timing could be used to guess the underlying hash or password. Version 0.10026 of the module fixes this issue.

perl-Catalyst-Plugin-Authentication-0.10026-1.fc44

Fedora Security Advisories
1 week 6 days ago
FEDORA-2026-26666575ae Packages in this update:
  • perl-Catalyst-Plugin-Authentication-0.10026-1.fc44
Update description:

Catalyst::Plugin::Authentication versions through 0.10024 for Perl is susceptible to timing attacks since these versions use Perl's built-in eq comparison. Discrepencies in timing could be used to guess the underlying hash or password. Version 0.10026 of the module fixes this issue.

perl-Catalyst-Plugin-Authentication-0.10026-1.fc42

Fedora Security Advisories
1 week 6 days ago
FEDORA-2026-0a2c98c91f Packages in this update:
  • perl-Catalyst-Plugin-Authentication-0.10026-1.fc42
Update description:

Catalyst::Plugin::Authentication versions through 0.10024 for Perl is susceptible to timing attacks since these versions use Perl's built-in eq comparison. Discrepencies in timing could be used to guess the underlying hash or password. Version 0.10026 of the module fixes this issue.

mingw-objfw-1.5.4-1.fc43

Fedora Security Advisories
1 week 6 days ago
FEDORA-2026-67762cee82 Packages in this update:
  • mingw-objfw-1.5.4-1.fc43
Update description:

Update to 1.5.4. Fixes a buffer overflow caused by integer promotion rules in OFBMPImageFormatHandler and OFQOIImageFormatHandler.

Update to 1.5.3

mingw-objfw-1.5.4-1.fc42

Fedora Security Advisories
1 week 6 days ago
FEDORA-2026-513552060a Packages in this update:
  • mingw-objfw-1.5.4-1.fc42
Update description:

Update to 1.5.4. Fixes a buffer overflow caused by integer promotion rules in OFBMPImageFormatHandler and OFQOIImageFormatHandler.

Update to 1.5.3

mingw-objfw-1.5.4-1.fc44

Fedora Security Advisories
1 week 6 days ago
FEDORA-2026-59c21cd48b Packages in this update:
  • mingw-objfw-1.5.4-1.fc44
Update description:

Update to 1.5.4. Fixes a buffer overflow caused by integer promotion rules in OFBMPImageFormatHandler and OFQOIImageFormatHandler.

Update to 1.5.3

objfw-1.5.4-1.fc44

Fedora Security Advisories
1 week 6 days ago
FEDORA-2026-f9938a84c7 Packages in this update:
  • objfw-1.5.4-1.fc44
Update description:

Update to 1.5.4. Fixes a buffer overflow caused by integer promotion rules in OFBMPImageFormatHandler and OFQOIImageFormatHandler.

Update to 1.5.3

objfw-1.5.4-1.el10_2

Fedora Security Advisories
1 week 6 days ago
FEDORA-EPEL-2026-bd1cc59137 Packages in this update:
  • objfw-1.5.4-1.el10_2
Update description:

Update to 1.5.4. Fixes a buffer overflow caused by integer promotion rules in OFBMPImageFormatHandler and OFQOIImageFormatHandler.

objfw-1.5.4-1.el9

Fedora Security Advisories
1 week 6 days ago
FEDORA-EPEL-2026-2538be24ab Packages in this update:
  • objfw-1.5.4-1.el9
Update description:

Update to 1.5.4. Fixes a buffer overflow caused by integer promotion rules in OFBMPImageFormatHandler and OFQOIImageFormatHandler.

Update to 1.5.3

objfw-1.5.4-1.el8

Fedora Security Advisories
1 week 6 days ago
FEDORA-EPEL-2026-82451c4348 Packages in this update:
  • objfw-1.5.4-1.el8
Update description:

Update to 1.5.4. Fixes a buffer overflow caused by integer promotion rules in OFBMPImageFormatHandler and OFQOIImageFormatHandler.

Update to 1.5.3

objfw-1.5.4-1.el10_3

Fedora Security Advisories
1 week 6 days ago
FEDORA-EPEL-2026-9638648de3 Packages in this update:
  • objfw-1.5.4-1.el10_3
Update description:

Update to 1.5.4. Fixes a buffer overflow caused by integer promotion rules in OFBMPImageFormatHandler and OFQOIImageFormatHandler.

Update to 1.5.3