Fedora Security Advisories

nextcloud-28.0.5-2.fc39

7 hours 14 minutes ago
FEDORA-2024-80aa2e0e55 Packages in this update:
  • nextcloud-28.0.5-2.fc39
Update description:

Update nextcloud to 28.0.5 and PR #11 PR #11 Many issues fixed by aviram: - Better HTTPS handling in Apache configs - Better cron job compatibility with APC - Better nextcloud-systemd-timer.service

nextcloud-28.0.5-2.fc40

7 hours 16 minutes ago
FEDORA-2024-456a389028 Packages in this update:
  • nextcloud-28.0.5-2.fc40
Update description:

Update nextcloud to 28.0.5 and PR #11 PR #11 Many issues fixed by aviram: - Better HTTPS handling in Apache configs - Better cron job compatibility with APC - Better nextcloud-systemd-timer.service

kernel-6.8.10-100.fc38

1 day 11 hours ago
FEDORA-2024-88abd103c8 Packages in this update:
  • kernel-6.8.10-100.fc38
Update description:

The 6.8.10 stable kernel update contains a number of important fixes across the tree

kernel-6.8.10-200.fc39

1 day 11 hours ago
FEDORA-2024-49fcf86f58 Packages in this update:
  • kernel-6.8.10-200.fc39
Update description:

The 6.8.10 stable kernel update contains a number of important fixes across the tree

kernel-6.8.10-300.fc40

1 day 11 hours ago
FEDORA-2024-92664ae6fe Packages in this update:
  • kernel-6.8.10-300.fc40
Update description:

The 6.8.10 stable kernel update contains a number of important fixes across the tree

webkitgtk-2.44.2-1.fc40

2 days 14 hours ago
FEDORA-2024-1f37da80ec Packages in this update:
  • webkitgtk-2.44.2-1.fc40
Update description:
  • Make gamepads visible on axis movements, and not only on button presses.
  • Disable the gst-libav AAC decoder.
  • Make user scripts and style sheets visible in the Web Inspector.
  • Use the geolocation portal where available, with the existing geoclue as fallback if the portal is not usable.
  • Use the printing portal when running sandboxed.
  • Use the file transfer portal for drag and drop when running sandboxed.
  • Avoid notifying an empty cursor rectangle to input methods.
  • Remove empty bar shown in detached inspector windows.
  • Consider keycode when activating application accelerators.
  • Fix several crashes and rendering issues.
  • Fix CVE-2024-27834

webkitgtk-2.44.2-1.fc39

2 days 14 hours ago
FEDORA-2024-3b912f1f3e Packages in this update:
  • webkitgtk-2.44.2-1.fc39
Update description:
  • Make gamepads visible on axis movements, and not only on button presses.
  • Disable the gst-libav AAC decoder.
  • Make user scripts and style sheets visible in the Web Inspector.
  • Use the geolocation portal where available, with the existing geoclue as fallback if the portal is not usable.
  • Use the printing portal when running sandboxed.
  • Use the file transfer portal for drag and drop when running sandboxed.
  • Avoid notifying an empty cursor rectangle to input methods.
  • Remove empty bar shown in detached inspector windows.
  • Consider keycode when activating application accelerators.
  • Fix several crashes and rendering issues.
  • Fix CVE-2024-27834

chromium-125.0.6422.60-1.el9

2 days 19 hours ago
FEDORA-EPEL-2024-38d250bafc Packages in this update:
  • chromium-125.0.6422.60-1.el9
Update description:

update to 125.0.6422.60

  • High CVE-2024-4947: Type Confusion in V8
  • High CVE-2024-4948: Use after free in Dawn
  • Medium CVE-2024-4949: Use after free in V8
  • Low CVE-2024-4950: Inappropriate implementation in Downloads

update to 124.0.6367.201

* High CVE-2024-4671: Use after free in Visuals
  • update to 124.0.6367.155

    • High CVE-2024-4558: Use after free in ANGLE
    • High CVE-2024-4559: Heap buffer overflow in WebAudio

update to 124.0.6367.118

* High CVE-2024-4331: Use after free in Picture In Picture * High CVE-2024-4368: Use after free in Dawn

update to 124.0.6367.91

update to 124.0.6367.78

* Critical CVE-2024-4058: Type Confusion in ANGLE * High CVE-2024-4059: Out of bounds read in V8 API * High CVE-2024-4060: Use after free in Dawn

update to 124.0.6367.60

  • High CVE-2024-3832: Object corruption in V8
  • High CVE-2024-3833: Object corruption in WebAssembly
  • High CVE-2024-3914: Use after free in V8
  • High CVE-2024-3834: Use after free in Downloads
  • Medium CVE-2024-3837: Use after free in QUIC
  • Medium CVE-2024-3838: Inappropriate implementation in Autofill
  • Medium CVE-2024-3839: Out of bounds read in Fonts
  • Medium CVE-2024-3840: Insufficient policy enforcement in Site Isolation
  • Medium CVE-2024-3841: Insufficient data validation in Browser Switcher
  • Medium CVE-2024-3843: Insufficient data validation in Downloads
  • Low CVE-2024-3844: Inappropriate implementation in Extensions
  • Low CVE-2024-3845: Inappropriate implementation in Network
  • Low CVE-2024-3846: Inappropriate implementation in Prompts
  • Low CVE-2024-3847: Insufficient policy enforcement in WebUI

update to 123.0.6312.122

  • High CVE-2024-3157: Out of bounds write in Compositing
  • High CVE-2024-3516: Heap buffer overflow in ANGLE
  • High CVE-2024-3515: Use after free in Dawn

chromium-125.0.6422.60-1.el8

2 days 19 hours ago
FEDORA-EPEL-2024-1fb3cec2e0 Packages in this update:
  • chromium-125.0.6422.60-1.el8
Update description:

update to 125.0.6422.60

  • High CVE-2024-4947: Type Confusion in V8
  • High CVE-2024-4948: Use after free in Dawn
  • Medium CVE-2024-4949: Use after free in V8
  • Low CVE-2024-4950: Inappropriate implementation in Downloads

update to 124.0.6367.201

* High CVE-2024-4671: Use after free in Visuals
  • update to 124.0.6367.155

    • High CVE-2024-4558: Use after free in ANGLE
    • High CVE-2024-4559: Heap buffer overflow in WebAudio

update to 124.0.6367.118

  • High CVE-2024-4331: Use after free in Picture In Picture
  • High CVE-2024-4368: Use after free in Dawn

chromium-125.0.6422.60-1.fc40

3 days 10 hours ago
FEDORA-2024-c01c1f5f82 Packages in this update:
  • chromium-125.0.6422.60-1.fc40
Update description:

update to 125.0.6422.60

* High CVE-2024-4947: Type Confusion in V8 * High CVE-2024-4948: Use after free in Dawn * Medium CVE-2024-4949: Use after free in V8 * Low CVE-2024-4950: Inappropriate implementation in Downloads

chromium-125.0.6422.60-1.fc38

3 days 10 hours ago
FEDORA-2024-3a548f46a8 Packages in this update:
  • chromium-125.0.6422.60-1.fc38
Update description:

update to 125.0.6422.60

* High CVE-2024-4947: Type Confusion in V8 * High CVE-2024-4948: Use after free in Dawn * Medium CVE-2024-4949: Use after free in V8 * Low CVE-2024-4950: Inappropriate implementation in Downloads

update to 124.0.6367.201

* High CVE-2024-4671: Use after free in Visuals
  • update to 124.0.6367.155

    • High CVE-2024-4558: Use after free in ANGLE
    • High CVE-2024-4559: Heap buffer overflow in WebAudio

update to 124.0.6367.118

* High CVE-2024-4331: Use after free in Picture In Picture * High CVE-2024-4368: Use after free in Dawn

update to 124.0.6367.91

chromium-125.0.6422.60-1.fc39

3 days 10 hours ago
FEDORA-2024-382a7dba53 Packages in this update:
  • chromium-125.0.6422.60-1.fc39
Update description:

update to 125.0.6422.60

* High CVE-2024-4947: Type Confusion in V8 * High CVE-2024-4948: Use after free in Dawn * Medium CVE-2024-4949: Use after free in V8 * Low CVE-2024-4950: Inappropriate implementation in Downloads
Checked
31 minutes 34 seconds ago