Aggregator

It was discovered that cups-filters incorrectly handled certain malformed TIFF image files. A remote attacker could use this issue to cause cups-filters to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2025-57812) It was discovered that cups-filters incorrectly handled certain malformed PDF document files. A remote attacker could use this issue to cause cups-filters to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2025-64503) It was discovered that cups-filters incorrectly handled certain malformed CUPS Raster files. A remote attacker could use this issue to cause cups-filters to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2025-64524)

It was discovered that libcupsfilters incorrectly handled certain malformed TIFF image files. A remote attacker could use this issue to cause libcupsfilters to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2025-57812) It was discovered that libcupsfilters incorrectly handled certain malformed PDF document files. A remote attacker could use this issue to cause libcupsfilters to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2025-64503)

Version:next-20251120 (linux-next) Released:2025-11-20

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this to expose sensitive information from the host OS. (CVE-2025-40300) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - HSI subsystem; - Bluetooth subsystem; - Timer subsystem; (CVE-2025-37838, CVE-2025-38118, CVE-2025-38352)

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this to expose sensitive information from the host OS. (CVE-2025-40300) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - DMA engine subsystem; - GPU drivers; - HSI subsystem; - Media drivers; - Ethernet team driver; - SPI subsystem; - USB core drivers; - Framebuffer layer; - BTRFS file system; - Ext4 file system; - Network file system (NFS) server daemon; - NILFS2 file system; - Timer subsystem; - DCCP (Datagram Congestion Control Protocol); - IPv6 networking; - NET/ROM layer; - Packet sockets; - Network traffic control; - SCTP protocol; - VMware vSockets driver; - USB sound devices; (CVE-2023-52477, CVE-2023-52574, CVE-2023-52650, CVE-2024-27074, CVE-2024-35849, CVE-2024-41006, CVE-2024-47685, CVE-2024-49924, CVE-2024-50006, CVE-2024-50051, CVE-2024-50202, CVE-2024-50299, CVE-2024-53124, CVE-2024-53130, CVE-2024-53131, CVE-2024-53150, CVE-2024-56767, CVE-2024-57996, CVE-2025-21796, CVE-2025-37752, CVE-2025-37785, CVE-2025-37838, CVE-2025-38350, CVE-2025-38352, CVE-2025-38477, CVE-2025-38617, CVE-2025-38618)

FEDORA-2025-355d5aac01 Packages in this update:

• drupal7-7.103-1.fc43

Update description:

• https://www.drupal.org/project/drupal/releases/7.99
• https://www.drupal.org/project/drupal/releases/7.100
• https://www.drupal.org/project/drupal/releases/7.101
• https://www.drupal.org/project/drupal/releases/7.102
  • https://www.drupal.org/sa-core-2024-005
  • https://www.drupal.org/sa-core-2024-008
• https://www.drupal.org/project/drupal/releases/7.103

FEDORA-2025-f8a08bb335 Packages in this update:

• drupal7-7.103-1.fc42

Update description:

• https://www.drupal.org/project/drupal/releases/7.99
• https://www.drupal.org/project/drupal/releases/7.100
• https://www.drupal.org/project/drupal/releases/7.101
• https://www.drupal.org/project/drupal/releases/7.102
  • https://www.drupal.org/sa-core-2024-005
  • https://www.drupal.org/sa-core-2024-008
• https://www.drupal.org/project/drupal/releases/7.103

FEDORA-2025-d645721ca4 Packages in this update:

• drupal7-7.103-1.fc41

Update description:

• https://www.drupal.org/project/drupal/releases/7.99
• https://www.drupal.org/project/drupal/releases/7.100
• https://www.drupal.org/project/drupal/releases/7.101
• https://www.drupal.org/project/drupal/releases/7.102
  • https://www.drupal.org/sa-core-2024-005
  • https://www.drupal.org/sa-core-2024-008
• https://www.drupal.org/project/drupal/releases/7.103

FEDORA-2025-96f340d7a0 Packages in this update:

• source-to-image-1.5.1-1.fc42

Update description:

Update to 1.5.1, migrate to Go Vendor Tools

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this to expose sensitive information from the host OS. (CVE-2025-40300) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - HSI subsystem; - I3C subsystem; - SMB network file system; - Padata parallel execution mechanism; - Timer subsystem; - Networking core; (CVE-2023-52854, CVE-2024-35867, CVE-2024-50061, CVE-2024-56664, CVE-2025-21727, CVE-2025-37838, CVE-2025-38352)

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this to expose sensitive information from the host OS. (CVE-2025-40300) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - HSI subsystem; - I3C subsystem; - SMB network file system; - Padata parallel execution mechanism; - Timer subsystem; - Networking core; (CVE-2023-52854, CVE-2024-35867, CVE-2024-50061, CVE-2024-56664, CVE-2025-21727, CVE-2025-37838, CVE-2025-38352)

FEDORA-2025-dc3c993169 Packages in this update:

• source-to-image-1.5.1-1.fc43

Update description:

Update to 1.5.1, migrate to Go Vendor Tools

FEDORA-EPEL-2025-5b2095e2c2 Packages in this update:

• xpdf-4.06-1.el8

Update description:

Update to 4.06. Lots of bugfixes, but notably, security fixes for the following CVEs:

CVE-2024-2971 CVE-2024-3247 CVE-2024-3248 CVE-2024-3900 CVE-2024-4141 CVE-2024-4568 CVE-2024-4976 CVE-2024-7866 CVE-2024-7867 CVE-2024-7868 CVE-2025-2574 CVE-2025-3154 CVE-2025-11896

FEDORA-EPEL-2025-9a55de96db Packages in this update:

• xpdf-4.06-1.el9

Update description:

Update to 4.06. Lots of bugfixes, but notably, security fixes for the following CVEs:

CVE-2024-2971 CVE-2024-3247 CVE-2024-3248 CVE-2024-3900 CVE-2024-4141 CVE-2024-4568 CVE-2024-4976 CVE-2024-7866 CVE-2024-7867 CVE-2024-7868 CVE-2025-2574 CVE-2025-3154 CVE-2025-11896

FEDORA-2025-e72c726192 Packages in this update:

• xpdf-4.06-1.fc42

Update description:

Update to 4.06. Lots of bugfixes, but notably, security fixes for the following CVEs:

CVE-2024-2971 CVE-2024-3247 CVE-2024-3248 CVE-2024-3900 CVE-2024-4141 CVE-2024-4568 CVE-2024-4976 CVE-2024-7866 CVE-2024-7867 CVE-2024-7868 CVE-2025-2574 CVE-2025-3154 CVE-2025-11896

FEDORA-2025-7c5b6a3bcb Packages in this update:

• xpdf-4.06-1.fc43

Update description:

Update to 4.06. Lots of bugfixes, but notably, security fixes for the following CVEs:

CVE-2024-2971 CVE-2024-3247 CVE-2024-3248 CVE-2024-3900 CVE-2024-4141 CVE-2024-4568 CVE-2024-4976 CVE-2024-7866 CVE-2024-7867 CVE-2024-7868 CVE-2025-2574 CVE-2025-3154 CVE-2025-11896

FEDORA-2025-a6dd878882 Packages in this update:

• python-kdcproxy-1.1.0-1.fc44

Update description:

Automatic update for python-kdcproxy-1.1.0-1.fc44.

Changelog * Wed Nov 19 2025 Julien Rische <jrische@redhat.com> - 1.1.0-1 - New upstream version (1.1.0) - Use DNS discovery for declared realms only (CVE-2025-59088) Resolves: rhbz#2415861 - Fix DoS vulnerability based on unbounded TCP buffering (CVE-2025-59089) Resolves: rhbz#2415860 - Stop using deprecated \ CFLAGS="${CFLAGS:-${RPM_OPT_FLAGS}}" LDFLAGS="${LDFLAGS:-${RPM_LD_FLAGS}}"\ /usr/bin/python3 setup.py build --executable="/usr/bin/python3 -sP" /\ CFLAGS="${CFLAGS:-${RPM_OPT_FLAGS}}" LDFLAGS="${LDFLAGS:-${RPM_LD_FLAGS}}"\ /usr/bin/python3 setup.py install -O1 --skip-build --root /builddir/build/BUILD/python-kdcproxy-1.1.0-build/BUILDROOT --prefix /usr macros rm -rfv /builddir/build/BUILD/python-kdcproxy-1.1.0-build/BUILDROOT/usr/bin/__pycache__ Resolves: rhbz#2377837

FEDORA-2025-3f9b87b0e7 Packages in this update:

• python-kdcproxy-1.1.0-1.fc43

Update description:

• New upstream version (1.1.0)
• Use DNS discovery for declared realms only (CVE-2025-59088)
• Fix DoS vulnerability based on unbounded TCP buffering (CVE-2025-59089)
• Stop using deprecated %py3_build/%py3_install macros

FEDORA-2025-068c570cbf Packages in this update:

• python-kdcproxy-1.1.0-1.fc42

Update description:

• New upstream version (1.1.0)
• Use DNS discovery for declared realms only (CVE-2025-59088)
• Fix DoS vulnerability based on unbounded TCP buffering (CVE-2025-59089)

FEDORA-2025-3075610004 Packages in this update:

• python-kdcproxy-1.1.0-1.fc41

Update description:

• New upstream version (1.1.0)
• Use DNS discovery for declared realms only (CVE-2025-59088)
• Fix DoS vulnerability based on unbounded TCP buffering (CVE-2025-59089)