python-idna-3.7-1.fc40
FEDORA-2024-098b5d9719
Packages in this update:
- python-idna-3.7-1.fc40
Update to 3.7 (rhbz#2274439), security fix for CVE-2024-3651
Aggregator
thunderbird-115.10.0-1.fc39
FEDORA-2024-9435d59fbd
Packages in this update:
- thunderbird-115.10.0-1.fc39
Update to 115.10.0
thunderbird-115.10.0-1.fc38
FEDORA-2024-3bf131ce13
Packages in this update:
- thunderbird-115.10.0-1.fc38
Update to 115.10.0
golang-github-prometheus-alertmanager-0.27.0-1.fc41
FEDORA-2024-8580c06716
Packages in this update:
- golang-github-prometheus-alertmanager-0.27.0-1.fc41
Automatic update for golang-github-prometheus-alertmanager-0.27.0-1.fc41.
Changelog * Thu Apr 18 2024 Mikel Olasagasti Uranga <mikel@olasagasti.info> - 0.27.0-1 - Update to 0.27.0 - Closes rhbz#2064711 rhbz#2248329 rhbz#2260773 rhbz#2261192 * Sun Feb 11 2024 Maxwell G <maxwell@gtmx.me> - 0.23.0-20 - Rebuild for golang 1.22.0 * Wed Jan 24 2024 Fedora Release Engineering <releng@fedoraproject.org> - 0.23.0-19 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Sat Jan 20 2024 Fedora Release Engineering <releng@fedoraproject.org> - 0.23.0-18 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Thu Jul 20 2023 Fedora Release Engineering <releng@fedoraproject.org> - 0.23.0-16 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuildhttpd-2.4.59-2.fc38
FEDORA-2024-c2f6576348
Packages in this update:
- httpd-2.4.59-2.fc38
This update includes httpd version 2.4.59, fixing various security issues and bugs. See https://downloads.apache.org/httpd/CHANGES_2.4.59 for complete details of the changes in this release
next-20240418: linux-next
Version:next-20240418 (linux-next)
Released:2024-04-18
golang-opentelemetry-contrib-1.17.0-2.fc41 golang-opentelemetry-otel-1.17.0-1.fc41
FEDORA-2024-971a3a4ef7
Packages in this update:
- golang-opentelemetry-contrib-1.17.0-2.fc41
- golang-opentelemetry-otel-1.17.0-1.fc41
Update opentelemetry stack to 1.17
httpd-2.4.59-2.fc40
FEDORA-2024-937be154d8
Packages in this update:
- httpd-2.4.59-2.fc40
This update includes httpd version 2.4.59, fixing various security issues and bugs. See https://downloads.apache.org/httpd/CHANGES_2.4.59 for complete details of the changes in this release.
httpd-2.4.59-2.fc39
FEDORA-2024-d0dccd6b96
Packages in this update:
- httpd-2.4.59-2.fc39
This update includes httpd version 2.4.59, fixing various security issues and bugs. See https://downloads.apache.org/httpd/CHANGES_2.4.59 for complete details of the changes in this release.
USN-6729-2: Apache HTTP Server vulnerabilities
USN-6729-1 fixed several vulnerabilities in Apache. This update provides
the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.
Original advisory details:
Orange Tsai discovered that the Apache HTTP Server incorrectly handled
validating certain input. A remote attacker could possibly use this
issue to perform HTTP request splitting attacks. (CVE-2023-38709)
Keran Mu and Jianjun Chen discovered that the Apache HTTP Server
incorrectly handled validating certain input. A remote attacker could
possibly use this issue to perform HTTP request splitting attacks.
(CVE-2024-24795)
Bartek Nowotarski discovered that the Apache HTTP Server HTTP/2 module
incorrectly handled endless continuation frames. A remote attacker could
possibly use this issue to cause the server to consume resources, leading
to a denial of service. This issue was addressed only in Ubuntu 18.04 LTS.
(CVE-2024-27316)
python-pip-23.2.1-2.fc39
FEDORA-2024-b72bc39c00
Packages in this update:
- python-pip-23.2.1-2.fc39
Security fix for CVE-2023-5752
python-pip-22.3.1-4.fc38
FEDORA-2024-600031d2e9
Packages in this update:
- python-pip-22.3.1-4.fc38
Security fix for CVE-2023-5752
putty-0.81-1.el8
FEDORA-EPEL-2024-99cf4e74b7
Packages in this update:
- putty-0.81-1.el8
Security fix for CVE-2024-31497.
putty-0.81-1.el9
FEDORA-EPEL-2024-79f96e9d05
Packages in this update:
- putty-0.81-1.el9
Security fix for CVE-2024-31497.
putty-0.81-1.fc38
FEDORA-2024-08a4a5ead8
Packages in this update:
- putty-0.81-1.fc38
Security fix for CVE-2024-31497.
putty-0.81-1.fc39
FEDORA-2024-cba85cc558
Packages in this update:
- putty-0.81-1.fc39
Security fix for CVE-2024-31497.
putty-0.81-1.fc40
FEDORA-2024-d85c1f7450
Packages in this update:
- putty-0.81-1.fc40
Security fix for CVE-2024-31497.
USN-6726-3: Linux kernel (Xilinx ZynqMP) vulnerabilities
Pratyush Yadav discovered that the Xen network backend implementation in
the Linux kernel did not properly handle zero length data request, leading
to a null pointer dereference vulnerability. An attacker in a guest VM
could possibly use this to cause a denial of service (host domain crash).
(CVE-2023-46838)
It was discovered that the IPv6 implementation of the Linux kernel did not
properly manage route cache memory usage. A remote attacker could use this
to cause a denial of service (memory exhaustion). (CVE-2023-52340)
It was discovered that the device mapper driver in the Linux kernel did not
properly validate target size during certain memory allocations. A local
attacker could use this to cause a denial of service (system crash).
(CVE-2023-52429, CVE-2024-23851)
Dan Carpenter discovered that the netfilter subsystem in the Linux kernel
did not store data in properly sized memory locations. A local user could
use this to cause a denial of service (system crash). (CVE-2024-0607)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Architecture specifics;
- Cryptographic API;
- Android drivers;
- EDAC drivers;
- GPU drivers;
- Media drivers;
- MTD block device drivers;
- Network drivers;
- NVME drivers;
- TTY drivers;
- Userspace I/O drivers;
- F2FS file system;
- GFS2 file system;
- IPv6 Networking;
- AppArmor security module;
(CVE-2023-52464, CVE-2023-52448, CVE-2023-52457, CVE-2023-52443,
CVE-2023-52439, CVE-2023-52612, CVE-2024-26633, CVE-2024-26597,
CVE-2023-52449, CVE-2023-52444, CVE-2023-52609, CVE-2023-52469,
CVE-2023-52445, CVE-2023-52451, CVE-2023-52470, CVE-2023-52454,
CVE-2023-52436, CVE-2023-52438)
grub2-2.06-118.fc38
FEDORA-2024-01f402fae5
Packages in this update:
- grub2-2.06-118.fc38
Security fix for CVE-2023-4692
Security fix for CVE-2023-4693
Fri Mar 08 2024 Nicolas Frayer nfrayer@redhat.com - 2.06-118
- fs/xfs: Handle non-continuous data blocks in directory extents
- Related: #2254370
Fri Mar 08 2024 Nicolas Frayer nfrayer@redhat.com - 2.06-117
- GRUB2 NTFS driver vulnerabilities
- (CVE-2023-4692)
- (CVE-2023-4693)
- Resolves: #2236613
- Resolves: #2241978
- Resolves: #2241976
- Resolves: #2238343
grub2-2.06-120.fc39
FEDORA-2024-d09797f550
Packages in this update:
- grub2-2.06-120.fc39
Security fix for CVE-2023-4692
Security fix for CVE-2023-4693
Fri Apr 12 2024 Nicolas Frayer nfrayer@redhat.com - 2.06-120
- fs/xfs: Handle non-continuous data blocks in directory extents
- Related: #2254370
Fri Mar 08 2024 Nicolas Frayer nfrayer@redhat.com - 2.06-119
- GRUB2 NTFS driver vulnerabilities
- (CVE-2023-4692)
- (CVE-2023-4693)
- Resolves: #2236613
- Resolves: #2241978
- Resolves: #2241976
- Resolves: #2238343