Fedora Security Advisories

edk2-20240813-2.fc40

19 hours 49 minutes ago
FEDORA-2024-45df72afc6 Packages in this update:
  • edk2-20240813-2.fc40
Update description:

Security fix for CVE-2023-6237 (openssl: Excessive time spent checking invalid RSA public keys)

edk2-20240813-2.fc41

20 hours 34 minutes ago
FEDORA-2024-9cc95d56ce Packages in this update:
  • edk2-20240813-2.fc41
Update description:

Security fix for CVE-2023-6237 (openssl: Excessive time spent checking invalid RSA public keys)

glibc-2.38-19.fc39

1 day 3 hours ago
FEDORA-2024-df41d584d0 Packages in this update:
  • glibc-2.38-19.fc39
Update description:

Auto-sync with upstream branch release/2.38/master

  • Add BuildRequires:gzip for compressed character maps and info files.

Upstream commit: 4dd8641461463b667b5503ab0ea4abcf261378a9

  • Add crt1-2.0.o for glibc 2.0 compatibility tests
  • libio: Attempt wide backup free only for non-legacy code
  • nptl: Use <support/check.h> facilities in tst-setuid3
  • posix: Use <support/check.h> facilities in tst-truncate and tst-truncate64
  • ungetc: Fix backup buffer leak on program exit [BZ #27821]
  • ungetc: Fix uninitialized read when putting into unused streams [BZ #27821]
  • Make tst-ungetc use libsupport
  • stdio-common: Add test for vfscanf with matches longer than INT_MAX [BZ #27650]
  • support: Add FAIL test failure helper
  • x86: Fix bug in strchrnul-evex512 [BZ #32078]
  • Fix name space violation in fortify wrappers (bug 32052)
  • resolv: Fix tst-resolv-short-response for older GCC (bug 32042)
  • Update syscall lists for Linux 6.5
  • Add mremap tests
  • mremap: Update manual entry
  • linux: Update the mremap C implementation [BZ #31968]
  • resolv: Track single-request fallback via _res._flags (bug 31476)
  • resolv: Do not wait for non-existing second DNS response after error (bug 30081)
  • resolv: Allow short error responses to match any query (bug 31890)
  • Linux: Make __rseq_size useful for feature detection (bug 31965)
  • elf: Make dl-rseq-symbols Linux only
  • nptl: fix potential merge of __rseq_* relro symbols
  • s390x: Fix segfault in wcsncmp [BZ #31934]
  • misc: Add support for Linux uio.h RWF_NOAPPEND flag
  • i386: Disable Intel Xeon Phi tests for GCC 15 and above (BZ 31782)
  • Force DT_RPATH for --enable-hardcoded-path-in-tests
  • resolv: Fix some unaligned accesses in resolver [BZ #30750]
  • nscd: Use time_t for return type of addgetnetgrentX
  • elf: Also compile dl-misc.os with $(rtld-early-cflags)
  • CVE-2024-33601, CVE-2024-33602: nscd: netgroup: Use two buffers in addgetnetgrentX (bug 31680)
  • CVE-2024-33600: nscd: Avoid null pointer crashes after notfound response (bug 31678)
  • CVE-2024-33600: nscd: Do not send missing not-found response in addgetnetgrentX (bug 31678)
  • CVE-2024-33599: nscd: Stack-based buffer overflow in netgroup cache (bug 31677)
  • i386: ulp update for SSE2 --disable-multi-arch configurations
  • nptl: Fix tst-cancel30 on kernels without ppoll_time64 support
  • login: structs utmp, utmpx, lastlog _TIME_BITS independence (bug 30701)
  • login: Check default sizes of structs utmp, utmpx, lastlog
  • sparc: Remove 64 bit check on sparc32 wordsize (BZ 27574)

chromium-129.0.6668.100-1.el8

1 day 5 hours ago
FEDORA-EPEL-2024-599b158d30 Packages in this update:
  • chromium-129.0.6668.100-1.el8
Update description:

Update to 129.0.6668.100

* CVE-2024-9602: Type Confusion in V8 * CVE-2024-9603: Type Confusion in V

chromium-129.0.6668.100-1.el9

1 day 5 hours ago
FEDORA-EPEL-2024-ad170ba14e Packages in this update:
  • chromium-129.0.6668.100-1.el9
Update description:

Update to 129.0.6668.100

* CVE-2024-9602: Type Confusion in V8 * CVE-2024-9603: Type Confusion in V

rust-hyper-rustls-0.27.3-1.fc39 rust-reqwest-0.12.8-1.fc39 rust-rustls-native-certs-0.8.0-1.fc39 rust-rustls-native-certs0.7-0.7.3-1.fc39 rust-tonic-0.12.3-1.fc39 rust-tonic-build-0.12.3-1.fc39 rust-tonic-types-0.12.3-1.fc39 rust-tower-0.5.1-1.fc39 rust…

1 day 21 hours ago
FEDORA-2024-ff98facbc6 Packages in this update:
  • rust-hyper-rustls-0.27.3-1.fc39
  • rust-reqwest-0.12.8-1.fc39
  • rust-rustls-native-certs0.7-0.7.3-1.fc39
  • rust-rustls-native-certs-0.8.0-1.fc39
  • rust-tonic-0.12.3-1.fc39
  • rust-tonic-build-0.12.3-1.fc39
  • rust-tonic-types-0.12.3-1.fc39
  • rust-tower0.4-0.4.13-1.fc39
  • rust-tower-0.5.1-1.fc39
  • rust-tower-http0.5-0.5.2-1.fc39
  • rust-tower-http-0.6.1-1.fc39
Update description:
  • Update the hyper-rustls crate to version 0.27.3.
  • Update the reqwest crate to version 0.12.8.
  • Update the rustls-native-certs crate to version 0.8.0 and add a compat package for version 0.7.
  • Update the tonic, tonic-build, and tonic-types crates to version 0.12.3.
  • Update the tower crate to version 0.5.1 and add a compat package for version 0.4.
  • Update the tower-http crate to version 0.6.1 and add a compat package for version 0.5.

rust-hyper-rustls-0.27.3-1.fc40 rust-reqwest-0.12.8-1.fc40 rust-rustls-native-certs-0.8.0-1.fc40 rust-rustls-native-certs0.7-0.7.3-1.fc40 rust-tonic-0.12.3-1.fc40 rust-tonic-build-0.12.3-1.fc40 rust-tonic-types-0.12.3-1.fc40 rust-tower-0.5.1-1.fc40 rust…

1 day 21 hours ago
FEDORA-2024-bf524bf5c0 Packages in this update:
  • rust-hyper-rustls-0.27.3-1.fc40
  • rust-reqwest-0.12.8-1.fc40
  • rust-rustls-native-certs0.7-0.7.3-1.fc40
  • rust-rustls-native-certs-0.8.0-1.fc40
  • rust-tonic-0.12.3-1.fc40
  • rust-tonic-build-0.12.3-1.fc40
  • rust-tonic-types-0.12.3-1.fc40
  • rust-tower0.4-0.4.13-1.fc40
  • rust-tower-0.5.1-1.fc40
  • rust-tower-http0.5-0.5.2-1.fc40
  • rust-tower-http-0.6.1-1.fc40
Update description:
  • Update the hyper-rustls crate to version 0.27.3.
  • Update the reqwest crate to version 0.12.8.
  • Update the rustls-native-certs crate to version 0.8.0 and add a compat package for version 0.7.
  • Update the tonic, tonic-build, and tonic-types crates to version 0.12.3.
  • Update the tower crate to version 0.5.1 and add a compat package for version 0.4.
  • Update the tower-http crate to version 0.6.1 and add a compat package for version 0.5.

rust-hyper-rustls-0.27.3-1.fc41 rust-reqwest-0.12.8-1.fc41 rust-rustls-native-certs-0.8.0-1.fc41 rust-rustls-native-certs0.7-0.7.3-1.fc41 rust-tonic-0.12.3-1.fc41 rust-tonic-build-0.12.3-1.fc41 rust-tonic-types-0.12.3-1.fc41 rust-tower-0.5.1-1.fc41 rust…

1 day 21 hours ago
FEDORA-2024-347164df1c Packages in this update:
  • rust-hyper-rustls-0.27.3-1.fc41
  • rust-reqwest-0.12.8-1.fc41
  • rust-rustls-native-certs0.7-0.7.3-1.fc41
  • rust-rustls-native-certs-0.8.0-1.fc41
  • rust-tonic-0.12.3-1.fc41
  • rust-tonic-build-0.12.3-1.fc41
  • rust-tonic-types-0.12.3-1.fc41
  • rust-tower0.4-0.4.13-1.fc41
  • rust-tower-0.5.1-1.fc41
  • rust-tower-http0.5-0.5.2-1.fc41
  • rust-tower-http-0.6.1-1.fc41
Update description:
  • Update the hyper-rustls crate to version 0.27.3.
  • Update the reqwest crate to version 0.12.8.
  • Update the rustls-native-certs crate to version 0.8.0 and add a compat package for version 0.7.
  • Update the tonic, tonic-build, and tonic-types crates to version 0.12.3.
  • Update the tower crate to version 0.5.1 and add a compat package for version 0.4.
  • Update the tower-http crate to version 0.6.1 and add a compat package for version 0.5.

rust-hyper-rustls-0.27.3-1.fc42 rust-reqwest-0.12.8-1.fc42 rust-rustls-native-certs-0.8.0-1.fc42 rust-rustls-native-certs0.7-0.7.3-1.fc42 rust-tonic-0.12.3-1.fc42 rust-tonic-build-0.12.3-1.fc42 rust-tonic-types-0.12.3-1.fc42 rust-tower-0.5.1-1.fc42 rust…

1 day 21 hours ago
FEDORA-2024-04061a7ae3 Packages in this update:
  • rust-hyper-rustls-0.27.3-1.fc42
  • rust-reqwest-0.12.8-1.fc42
  • rust-rustls-native-certs0.7-0.7.3-1.fc42
  • rust-rustls-native-certs-0.8.0-1.fc42
  • rust-tonic-0.12.3-1.fc42
  • rust-tonic-build-0.12.3-1.fc42
  • rust-tonic-types-0.12.3-1.fc42
  • rust-tower0.4-0.4.13-1.fc42
  • rust-tower-0.5.1-1.fc42
  • rust-tower-http0.5-0.5.2-1.fc42
  • rust-tower-http-0.6.1-1.fc42
Update description:
  • Update the hyper-rustls crate to version 0.27.3.
  • Update the reqwest crate to version 0.12.8.
  • Update the rustls-native-certs crate to version 0.8.0 and add a compat package for version 0.7.
  • Update the tonic, tonic-build, and tonic-types crates to version 0.12.3.
  • Update the tower crate to version 0.5.1 and add a compat package for version 0.4.
  • Update the tower-http crate to version 0.6.1 and add a compat package for version 0.5.
Checked
26 minutes 1 second ago