Fedora Security Advisories

firefox-120.0.1-1.fc37

1 day 11 hours ago
FEDORA-2023-083a5e41cd Packages in this update:
  • firefox-120.0.1-1.fc37
Update description:
  • Updated to latest upstream (120.0.1)
  • Fixed freezes on Google Maps
  • Updated to latest upstream (120.0)

golang-github-prometheus-prom2json-1.3.3-1.fc40

1 day 22 hours ago
FEDORA-2023-14a33318b8 Packages in this update:
  • golang-github-prometheus-prom2json-1.3.3-1.fc40
Update description:

Automatic update for golang-github-prometheus-prom2json-1.3.3-1.fc40.

Changelog * Sun Dec 3 2023 Mikel Olasagasti Uranga <mikel@olasagasti.info> - 1.3.3-1 - Update to 1.3.3 - Closes rhbz#2076982 rhbz#2248331 rhbz#2163210 * Thu Jul 20 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1.3.0-13 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild

python-aiohttp-3.9.1-1.fc40 python-pysqueezebox-0.5.5-11.fc40 python-wled-0.4.4-11.fc40

2 days 3 hours ago
FEDORA-2023-d5bd6b62e4 Packages in this update:
  • python-aiohttp-3.9.1-1.fc40
  • python-pysqueezebox-0.5.5-11.fc40
  • python-wled-0.4.4-11.fc40
Update description:

Security fix for CVE-2023-49081, CVE-2023-49082.

Update python-aiohttp to 3.9.1.

Patch python-pysqeezebox and python-wled so they do not have an implicit dependency on python-async-timeout via python-aiohttp.

https://github.com/aio-libs/aiohttp/releases/tag/v3.9.0

https://github.com/aio-libs/aiohttp/releases/tag/v3.9.1

clevis-pin-tpm2-0.5.3-2.fc38 keyring-ima-signer-0.1.0-11.fc38 libkrun-1.5.0-7.fc38 rust-bodhi-cli-2.1.1-2.fc38 rust-coreos-installer-0.18.0-2.fc38 rust-fedora-update-feedback-2.1.3-2.fc38 rust-gst-plugin-reqwest-0.11.1-2.fc38 rust-pore-0.1.8-5.fc38 rust…

3 days 21 hours ago
FEDORA-2023-6215ea423b Packages in this update:
  • clevis-pin-tpm2-0.5.3-2.fc38
  • keyring-ima-signer-0.1.0-11.fc38
  • libkrun-1.5.0-7.fc38
  • rust-bodhi-cli-2.1.1-2.fc38
  • rust-coreos-installer-0.18.0-2.fc38
  • rust-fedora-update-feedback-2.1.3-2.fc38
  • rust-gst-plugin-reqwest-0.11.1-2.fc38
  • rust-pore-0.1.8-5.fc38
  • rust-rpm-sequoia-1.5.0-2.fc38
  • rust-sequoia-octopus-librnp-1.5.0-4.fc38
  • rust-sequoia-policy-config-0.6.0-6.fc38
  • rust-sequoia-sq-0.26.0-10.fc38
  • rust-sequoia-wot-0.5.0-4.fc38
  • rust-sevctl-0.3.2-5.fc38
  • rust-tealdeer-1.6.1-5.fc38
Update description:

Affected applications were rebuilt against version 0.10.60 of the the openssl crate (the Rust bindings for OpenSSL) to address two security advisories:

clevis-pin-tpm2-0.5.3-2.fc39 keyring-ima-signer-0.1.0-11.fc39 rust-bodhi-cli-2.1.1-2.fc39 rust-coreos-installer-0.18.0-2.fc39 rust-fedora-update-feedback-2.1.3-2.fc39 rust-gst-plugin-reqwest-0.11.1-2.fc39 rust-pore-0.1.8-5.fc39 rust-rpm-sequoia-1.5.0-2…

3 days 21 hours ago
FEDORA-2023-9790b327cb Packages in this update:
  • clevis-pin-tpm2-0.5.3-2.fc39
  • keyring-ima-signer-0.1.0-11.fc39
  • rust-bodhi-cli-2.1.1-2.fc39
  • rust-coreos-installer-0.18.0-2.fc39
  • rust-fedora-update-feedback-2.1.3-2.fc39
  • rust-gst-plugin-reqwest-0.11.1-2.fc39
  • rust-pore-0.1.8-5.fc39
  • rust-rpm-sequoia-1.5.0-2.fc39
  • rust-sequoia-octopus-librnp-1.5.0-4.fc39
  • rust-sequoia-policy-config-0.6.0-6.fc39
  • rust-sequoia-sq-0.26.0-10.fc39
  • rust-sequoia-wot-0.5.0-4.fc39
  • rust-sevctl-0.4.3-2.fc39
  • rust-snphost-0.1.2-2.fc39
  • rust-tealdeer-1.6.1-5.fc39
Update description:

Affected applications were rebuilt against version 0.10.60 of the the openssl crate (the Rust bindings for OpenSSL) to address two security advisories:

clevis-pin-tpm2-0.5.3-2.fc40 keyring-ima-signer-0.1.0-11.fc40 python-cryptography-41.0.5-2.fc40 rust-bodhi-cli-2.1.1-2.fc40 rust-coreos-installer-0.18.0-2.fc40 rust-fedora-update-feedback-2.1.3-2.fc40 rust-gst-plugin-reqwest-0.11.1-2.fc40 rust-pore-0.1.8…

3 days 21 hours ago
FEDORA-2023-af8489dc5b Packages in this update:
  • clevis-pin-tpm2-0.5.3-2.fc40
  • keyring-ima-signer-0.1.0-11.fc40
  • python-cryptography-41.0.5-2.fc40
  • rust-bodhi-cli-2.1.1-2.fc40
  • rust-coreos-installer-0.18.0-2.fc40
  • rust-fedora-update-feedback-2.1.3-2.fc40
  • rust-gst-plugin-reqwest-0.11.1-2.fc40
  • rust-pore-0.1.8-5.fc40
  • rust-rpm-sequoia-1.5.0-2.fc40
  • rust-sequoia-octopus-librnp-1.5.0-4.fc40
  • rust-sequoia-policy-config-0.6.0-6.fc40
  • rust-sequoia-sq-0.26.0-10.fc40
  • rust-sequoia-wot-0.5.0-4.fc40
  • rust-sevctl-0.4.3-2.fc40
  • rust-snphost-0.1.2-2.fc40
  • rust-tealdeer-1.6.1-5.fc40
Update description:

Affected applications were rebuilt against version 0.10.60 of the the openssl crate (the Rust bindings for OpenSSL) to address two security advisories:

chromium-119.0.6045.199-1.el7

5 days 5 hours ago
FEDORA-EPEL-2023-46696cc30b Packages in this update:
  • chromium-119.0.6045.199-1.el7
Update description:

update to 119.0.6045.199, upstream security release

  • High CVE-2023-6348: Type Confusion in Spellcheck
  • High CVE-2023-6347: Use after free in Mojo
  • High CVE-2023-6346: Use after free in WebAudio
  • High CVE-2023-6350: Out of bounds memory access in libavif
  • High CVE-2023-6351: Use after free in libavif
  • High CVE-2023-6345: Integer overflow in Skia

chromium-119.0.6045.199-1.el8

5 days 5 hours ago
FEDORA-EPEL-2023-d47bce8e4e Packages in this update:
  • chromium-119.0.6045.199-1.el8
Update description:

update to 119.0.6045.199, upstream security release

  • High CVE-2023-6348: Type Confusion in Spellcheck
  • High CVE-2023-6347: Use after free in Mojo
  • High CVE-2023-6346: Use after free in WebAudio
  • High CVE-2023-6350: Out of bounds memory access in libavif
  • High CVE-2023-6351: Use after free in libavif
  • High CVE-2023-6345: Integer overflow in Skia

chromium-119.0.6045.199-1.el9

5 days 5 hours ago
FEDORA-EPEL-2023-2537ccf8b5 Packages in this update:
  • chromium-119.0.6045.199-1.el9
Update description:

update to 119.0.6045.199, upstream security release

  • High CVE-2023-6348: Type Confusion in Spellcheck
  • High CVE-2023-6347: Use after free in Mojo
  • High CVE-2023-6346: Use after free in WebAudio
  • High CVE-2023-6350: Out of bounds memory access in libavif
  • High CVE-2023-6351: Use after free in libavif
  • High CVE-2023-6345: Integer overflow in Skia
Checked
54 minutes 20 seconds ago