Aggregator

docker-buildkit-0.26.1-1.fc41

Fedora Security Advisories
21 hours 55 minutes ago
FEDORA-2025-1ccd7dbf40 Packages in this update:
  • docker-buildkit-0.26.1-1.fc41
Update description:

Update to release v0.26.1

  • Update to release v0.26.0
  • Resolves: rhbz#2412681, rhbz#2412761
  • Upstream new features and fixes
  • dependency override for moby/policy-helper needed for license (default version does not a a license file)

docker-buildkit-0.26.1-1.fc42

Fedora Security Advisories
22 hours 10 minutes ago
FEDORA-2025-308cf4259b Packages in this update:
  • docker-buildkit-0.26.1-1.fc42
Update description:

Update to release v0.26.1

  • Update to release v0.26.0
  • Resolves: rhbz#2412681, rhbz#2412761
  • Upstream new features and fixes
  • dependency override for moby/policy-helper needed for license (default version does not a a license file)c

docker-buildx-0.30.1-1.fc41

Fedora Security Advisories
22 hours 10 minutes ago
FEDORA-2025-6e24679a4d Packages in this update:
  • docker-buildx-0.30.1-1.fc41
Update description:
  • Update to release v0.30.1
  • Upstream fix
  • Update to release v0.30.0
  • Resolves: rhbz#2413270
  • Resolves: rhbz#2407614, rhbz#2407881, rhbz#2408158, rhbz#2409066
  • Resolves: rhbz#2409350, rhbz#2409628, rhbz#2410014, rhbz#2410300
  • Resolves: rhbz#2410579, rhbz#2410946, rhbz#2411477, rhbz#2412381
  • Resolves: rhbz#2412530, rhbz#2412682, rhbz#2412762
  • Upstream new features and fixes

docker-buildx-0.30.1-1.fc42

Fedora Security Advisories
22 hours 58 minutes ago
FEDORA-2025-04cf139ee2 Packages in this update:
  • docker-buildx-0.30.1-1.fc42
Update description:
  • Update to release v0.30.1
  • Upstream fix
  • Update to release v0.30.0
  • Resolves: rhbz#2413270
  • Resolves: rhbz#2407614, rhbz#2407881, rhbz#2408158, rhbz#2409066
  • Resolves: rhbz#2409350, rhbz#2409628, rhbz#2410014, rhbz#2410300
  • Resolves: rhbz#2410579, rhbz#2410946, rhbz#2411477, rhbz#2412381
  • Resolves: rhbz#2412530, rhbz#2412682, rhbz#2412762
  • Upstream new features and fixes

docker-buildkit-0.26.1-1.fc43

Fedora Security Advisories
23 hours 2 minutes ago
FEDORA-2025-264853458b Packages in this update:
  • docker-buildkit-0.26.1-1.fc43
Update description:

Update to release v0.26.1

  • Update to release v0.26.0
  • Resolves: rhbz#2412681, rhbz#2412761
  • Upstream new features and fixes
  • dependency override for moby/policy-helper needed for license (default version does not a a license file)

docker-buildx-0.30.1-1.fc43

Fedora Security Advisories
23 hours 12 minutes ago
FEDORA-2025-b1d7d7f8db Packages in this update:
  • docker-buildx-0.30.1-1.fc43
Update description:
  • Update to release v0.30.1
  • Upstream fix
  • Update to release v0.30.0
  • Resolves: rhbz#2413270
  • Resolves: rhbz#2407614, rhbz#2407881, rhbz#2408158, rhbz#2409066
  • Resolves: rhbz#2409350, rhbz#2409628, rhbz#2410014, rhbz#2410300
  • Resolves: rhbz#2410579, rhbz#2410946, rhbz#2411477, rhbz#2412381
  • Resolves: rhbz#2412530, rhbz#2412682, rhbz#2412762
  • Upstream new features and fixes

sudo-rs-0.2.10-1.fc41

Fedora Security Advisories
1 day 4 hours ago
FEDORA-2025-ada7909175 Packages in this update:
  • sudo-rs-0.2.10-1.fc41
Update description:

Update to version 0.2.10.

This release includes fixes for CVE-2025-64170 and CVE-2025-64517.

sudo-rs-0.2.10-1.fc42

Fedora Security Advisories
1 day 4 hours ago
FEDORA-2025-4388808bbf Packages in this update:
  • sudo-rs-0.2.10-1.fc42
Update description:

Update to version 0.2.10.

This release includes fixes for CVE-2025-64170 and CVE-2025-64517.

sudo-rs-0.2.10-1.fc43

Fedora Security Advisories
1 day 4 hours ago
FEDORA-2025-a9d9780cbb Packages in this update:
  • sudo-rs-0.2.10-1.fc43
Update description:

Update to version 0.2.10.

This release includes fixes for CVE-2025-64170 and CVE-2025-64517.

linux-firmware-20251111-1.fc43

Fedora Security Advisories
1 day 8 hours ago
FEDORA-2025-0ef7552461 Packages in this update:
  • linux-firmware-20251111-1.fc43
Update description:

Upstream linux-firmware 20251111 release:

  • rtl_bt: Update RTL8922A BT USB firmware to 0x41C0_C905
  • add firmware for mt7987 internal 2.5G ethernet phy
  • rtw88: 8822b: Update firmware to v30.20.0
  • rtl_nic: add firmware rtl8125k-1
  • ASoC: tas2781: Update dsp firmware for HP and ASUS projects
  • amdgpu: DMCUB updates for various ASICs
  • qcom: add SOCCP firmware for kaanapali platform
  • xe: Update GUC to v70.53.0 for BMG, LNL, PTL
  • i915: Update GUC to v70.53.0 for DG2, MTL
  • rtw89: 8851b: update fw to v0.29.41.5
  • rtw89: 8852b: update fw to v0.29.128.0 with format suffix -2
  • rtw89: 8852b: update fw to v0.29.29.14
  • rtw89: 8852bt: update fw to v0.29.127.0 with format suffix -1
  • Update firmware file for Intel BlazarI/BlazarU core
  • Create audio folder in ti folder, and move all the audio firmwares into it
  • amdgpu: DMCUB updates for various ASICs
  • Update AMD cpu microcode
  • mediatek MT7925: update bluetooth firmware to 20251015213201
  • rtl_bt: Add firmware and config files for RTL8761CUV
  • Update AMD cpu microcode
  • qcom: add ADSP firmware for kaanapali platform
  • amdgpu: DMCUB updates for various ASICs
  • mediatek MT7920: update bluetooth firmware to 20251020151255
  • update firmware for MT7920/MT7922/MT7925 WiFi device
  • amd-ucode: Fix minimum revisions in README
  • cirrus: cs35l41: Rename various Asus Laptop firmware files to not have Speaker ID
  • mediatek MT7922: update bluetooth firmware to 20251020143443

linux-firmware-20251111-1.fc42

Fedora Security Advisories
1 day 8 hours ago
FEDORA-2025-ecd9a3485b Packages in this update:
  • linux-firmware-20251111-1.fc42
Update description:

Upstream linux-firmware 20251111 release:

  • rtl_bt: Update RTL8922A BT USB firmware to 0x41C0_C905
  • add firmware for mt7987 internal 2.5G ethernet phy
  • rtw88: 8822b: Update firmware to v30.20.0
  • rtl_nic: add firmware rtl8125k-1
  • ASoC: tas2781: Update dsp firmware for HP and ASUS projects
  • amdgpu: DMCUB updates for various ASICs
  • qcom: add SOCCP firmware for kaanapali platform
  • xe: Update GUC to v70.53.0 for BMG, LNL, PTL
  • i915: Update GUC to v70.53.0 for DG2, MTL
  • rtw89: 8851b: update fw to v0.29.41.5
  • rtw89: 8852b: update fw to v0.29.128.0 with format suffix -2
  • rtw89: 8852b: update fw to v0.29.29.14
  • rtw89: 8852bt: update fw to v0.29.127.0 with format suffix -1
  • Update firmware file for Intel BlazarI/BlazarU core
  • Create audio folder in ti folder, and move all the audio firmwares into it
  • amdgpu: DMCUB updates for various ASICs
  • Update AMD cpu microcode
  • mediatek MT7925: update bluetooth firmware to 20251015213201
  • rtl_bt: Add firmware and config files for RTL8761CUV
  • Update AMD cpu microcode
  • qcom: add ADSP firmware for kaanapali platform
  • amdgpu: DMCUB updates for various ASICs
  • mediatek MT7920: update bluetooth firmware to 20251020151255
  • update firmware for MT7920/MT7922/MT7925 WiFi device
  • amd-ucode: Fix minimum revisions in README
  • cirrus: cs35l41: Rename various Asus Laptop firmware files to not have Speaker ID
  • mediatek MT7922: update bluetooth firmware to 20251020143443

jfrog-cli-2.78.3-2.el9

Fedora Security Advisories
1 day 12 hours ago
FEDORA-EPEL-2025-f63e98e319 Packages in this update:
  • jfrog-cli-2.78.3-2.el9
Update description:

Rebuild with Go 1.25.3 to address standard library vulnerabilities: CVE-2025-58189, CVE-2025-61725, CVE-2025-61723, CVE-2025-58185, CVE-2025-58188, CVE-2025-58183.

LSN-0116-1: Kernel Live Patch Security Notice

Ubuntu Security Advisories
1 day 13 hours ago
In the Linux kernel, the following vulnerability has been resolved: net: atlantic: eliminate double free in error handling logic Driver has a logic leak in ring data allocation/free, where aq_ring_free could be called multiple times on same ring, if system is under stress and got memory allocation error. In the Linux kernel, the following vulnerability has been resolved: sctp: properly validate chunk size in sctp_sf_ootb() A size validation fix similar to that in Commit 50619dbf8db7 ('sctp: add size validation when walking chunks') is also required in sctp_sf_ootb() to address a crash reported by syzbot: BUG: KMSAN: uninit-value in sctp_sf_ootb+0x7f5/0xce0 net/sctp/sm_statefuns.c:3712 sctp_sf_ootb+0x7f5/0xce0 net/sctp/sm_statefuns.c:3712 sctp_do_sm+0x181/0x93d0 net/sctp/sm_sideeffect.c:1166 sctp_endpoint_bh_rcv+0xc38/0xf90 net/sctp/endpointola.c:407 sctp_inq_push+0x2ef/0x380 net/sctp/inqueue.c:88 sctp_rcv+0x3831/0x3b20 net/sctp/input.c:243 sctp4_rcv+0x42/0x50 net/sctp/protocol.c:1159 ip_protocol_deliver_rcu+0xb51/0x13d0 net/ipv4/ip_input.c:205 ip_local_deliver_finish+0x336/0x500 net/ipv4/ip_input.c:233)(CVE-2024-50299). In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix out of bounds reads when finding clock sources The current USB-audio driver code doesn't check bLength of each descriptor at traversing for clock descriptors. In the Linux kernel, the following vulnerability has been resolved: ubifs: authentication: Fix use-after-free in ubifs_tnc_end_commit After an insertion in TNC, the tree might split and cause a node to change its `znode->parent`. In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent NULL dereference in nfsd4_process_cb_update() @ses is initialized to NULL. In the Linux kernel, the following vulnerability has been resolved: padata: fix UAF in padata_reorder A bug was found when run ltp test: BUG: KASAN: slab-use-after-free in padata_find_next+0x29/0x1a0 Read of size 4 at addr ffff88bbfe003524 by task kworker/u113:2/3039206 CPU: 0 PID: 3039206 Comm: kworker/u113:2 Kdump: loaded Not tainted 6.6.0+ Workqueue: pdecrypt_parallel padata_parallel_worker Call Trace: dump_stack_lvl+0x32/0x50 print_address_description.constprop.0+0x6b/0x3d0 print_report+0xdd/0x2c0 kasan_report+0xa5/0xd0 padata_find_next+0x29/0x1a0 padata_reorder+0x131/0x220 padata_parallel_worker+0x3d/0xc0 process_one_work+0x2ec/0x5a0 If 'mdelay(10)' is added before calling 'padata_find_next' in the 'padata_reorder' function, this issue could be reproduced easily with ltp test (pcrypt_aead01). In the Linux kernel, the following vulnerability has been resolved: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() If an exiting non-autoreaping task has already passed exit_notify() and calls handle_posix_cpu_timers() from IRQ, it can be reaped by its parent or debugger right after unlock_task_sighand().

cef-142.0.10^chromium142.0.7444.162-2.fc43

Fedora Security Advisories
1 day 19 hours ago
FEDORA-2025-604e02ca72 Packages in this update:
  • cef-142.0.10^chromium142.0.7444.162-2.fc43
Update description:

Update to 142.0.7444.162

  • High CVE-2025-12725: Out of bounds write in WebGPU
  • High CVE-2025-12726: Inappropriate implementation in Views
  • High CVE-2025-12727: Inappropriate implementation in V8
  • Medium CVE-2025-12728: Inappropriate implementation in Omnibox
  • Medium CVE-2025-12729: Inappropriate implementation in Omnibox
  • High CVE-2025-12428: Type Confusion in V8
  • High CVE-2025-12429: Inappropriate implementation in V8
  • High CVE-2025-12430: Object lifecycle issue in Media
  • High CVE-2025-12431: Inappropriate implementation in Extensions
  • High CVE-2025-12432: Race in V8
  • High CVE-2025-12433: Inappropriate implementation in V8
  • High CVE-2025-12036: Inappropriate implementation in V8
  • Medium CVE-2025-12434: Race in Storage
  • Medium CVE-2025-12435: Incorrect security UI in Omnibox
  • Medium CVE-2025-12436: Policy bypass in Extensions
  • Medium CVE-2025-12437: Use after free in PageInfo
  • Medium CVE-2025-12438: Use after free in Ozone
  • Medium CVE-2025-12439: Inappropriate implementation in App-Bound Encryption
  • Low CVE-2025-12440: Inappropriate implementation in Autofill
  • Medium CVE-2025-12441: Out of bounds read in V8
  • Medium CVE-2025-12443: Out of bounds read in WebXR
  • Low CVE-2025-12444: Incorrect security UI in Fullscreen UI
  • Low CVE-2025-12445: Policy bypass in Extensions
  • Low CVE-2025-12446: Incorrect security UI in SplitView
  • Low CVE-2025-12447: Incorrect security UI in Omnibox

cef-142.0.10^chromium142.0.7444.162-2.fc42

Fedora Security Advisories
1 day 19 hours ago
FEDORA-2025-58193e3850 Packages in this update:
  • cef-142.0.10^chromium142.0.7444.162-2.fc42
Update description:

Update to 142.0.7444.162

  • High CVE-2025-12725: Out of bounds write in WebGPU
  • High CVE-2025-12726: Inappropriate implementation in Views
  • High CVE-2025-12727: Inappropriate implementation in V8
  • Medium CVE-2025-12728: Inappropriate implementation in Omnibox
  • Medium CVE-2025-12729: Inappropriate implementation in Omnibox
  • High CVE-2025-12428: Type Confusion in V8
  • High CVE-2025-12429: Inappropriate implementation in V8
  • High CVE-2025-12430: Object lifecycle issue in Media
  • High CVE-2025-12431: Inappropriate implementation in Extensions
  • High CVE-2025-12432: Race in V8
  • High CVE-2025-12433: Inappropriate implementation in V8
  • High CVE-2025-12036: Inappropriate implementation in V8
  • Medium CVE-2025-12434: Race in Storage
  • Medium CVE-2025-12435: Incorrect security UI in Omnibox
  • Medium CVE-2025-12436: Policy bypass in Extensions
  • Medium CVE-2025-12437: Use after free in PageInfo
  • Medium CVE-2025-12438: Use after free in Ozone
  • Medium CVE-2025-12439: Inappropriate implementation in App-Bound Encryption
  • Low CVE-2025-12440: Inappropriate implementation in Autofill
  • Medium CVE-2025-12441: Out of bounds read in V8
  • Medium CVE-2025-12443: Out of bounds read in WebXR
  • Low CVE-2025-12444: Incorrect security UI in Fullscreen UI
  • Low CVE-2025-12445: Policy bypass in Extensions
  • Low CVE-2025-12446: Incorrect security UI in SplitView
  • Low CVE-2025-12447: Incorrect security UI in Omnibox

USN-7871-1: FFmpeg vulnerability

Ubuntu Security Advisories
1 day 23 hours ago
It was discovered that FFmpeg incorrectly handled memory allocation in the ALS audio decoder. If a user was tricked into loading a crafted media file, a remote attacker could possibly use this issue to make FFmpeg crash, resulting in a denial of service.