Aggregator | Linuxlookup

Changelog * Mon Nov 24 2025 Andrew Bauer <zonexpertconsulting@outlook.com> - 32.0.2-1 - 32.0.2 release RHBZ#2416087 RHBZ#2415750 RHBZ#2415751 RHBZ#2415752 RHBZ#2415753

USN-7883-1: OpenJDK 17 vulnerabilities

Ubuntu Security Advisories

2 weeks 5 days ago

Jinfeng Guo discovered that the Security component of OpenJDK 17 did not correctly handle certain representations of encoded strings. An unauthenticated remote attacker could possibly use this issue to modify files or leak sensitive information. (CVE-2025-53057) Darius Bohni discovered that the JAXP component of OpenJDK 17 was vulnerable to a XML External Entity (XEE) attack. An unauthenticated remote attacker could possibly use this issue to modify files or leak sensitive information. (CVE-2025-53066) In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://openjdk.org/groups/vulnerability/advisories/2025-10-21

USN-7882-1: OpenJDK 11 vulnerabilities

Ubuntu Security Advisories

2 weeks 5 days ago

Jinfeng Guo discovered that the Security component of OpenJDK 11 did not correctly handle certain representations of encoded strings. An unauthenticated remote attacker could possibly use this issue to modify files or leak sensitive information. (CVE-2025-53057) Darius Bohni discovered that the JAXP component of OpenJDK 11 was vulnerable to a XML External Entity (XEE) attack. An unauthenticated remote attacker could possibly use this issue to modify files or leak sensitive information. (CVE-2025-53066) In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://openjdk.org/groups/vulnerability/advisories/2025-10-21

6.18-rc7: mainline

Linux Kernel Releases

2 weeks 5 days ago

Version:6.18-rc7 (mainline) Released:2025-11-23 Source:linux-6.18-rc7.tar.gz Patch:full (incremental)

webkitgtk-2.50.2-1.fc42

Fedora Security Advisories

2 weeks 5 days ago

FEDORA-2025-4fc934f283 Packages in this update:

webkitgtk-2.50.2-1.fc42

Update description:

Prevent unsafe URI schemes from participating in media playback.
Make jsc_value_array_buffer_get_data() function introspectable.
Fix logging in to Google accounts that have a WebAuthn second factor configured.
Fix loading webkit://gpu when there are no threads configured for GPU rendering.
Fix rendering gradients that use the CSS hue interpolation method.
Fix pasting image data from the clipboard.
Fix font-family selection when the font name contains spaces.
Fix capturing canvas snapshots in the Web Inspector.
Fix several crashes and rendering issues.
2.50.2 CVE fixes: CVE-2023-43000, CVE-2025-43392, CVE-2025-43419, CVE-2025-43425, CVE-2025-43427, CVE-2025-43429, CVE-2025-43430, CVE-2025-43431, CVE-2025-43432, CVE-2025-43434, CVE-2025-43440, CVE-2025-43443, CVE-2025-43480
This Fedora update additionally fixes CVE-2025-43421 via a downstream patch

webkitgtk-2.50.2-1.fc43

Fedora Security Advisories

2 weeks 5 days ago

FEDORA-2025-6f3e9e3af6 Packages in this update:

webkitgtk-2.50.2-1.fc43

Update description:

Prevent unsafe URI schemes from participating in media playback.
Make jsc_value_array_buffer_get_data() function introspectable.
Fix logging in to Google accounts that have a WebAuthn second factor configured.
Fix loading webkit://gpu when there are no threads configured for GPU rendering.
Fix rendering gradients that use the CSS hue interpolation method.
Fix pasting image data from the clipboard.
Fix font-family selection when the font name contains spaces.
Fix capturing canvas snapshots in the Web Inspector.
Fix several crashes and rendering issues.
2.50.2 CVE fixes: CVE-2023-43000, CVE-2025-43392, CVE-2025-43419, CVE-2025-43425, CVE-2025-43427, CVE-2025-43429, CVE-2025-43430, CVE-2025-43431, CVE-2025-43432, CVE-2025-43434, CVE-2025-43440, CVE-2025-43443, CVE-2025-43480
This Fedora update additionally fixes CVE-2025-43421 via a downstream patch