Fedora Security Advisories

varnish-7.6.1-6.fc42

Fedora Security Advisories
3 days 23 hours ago
FEDORA-2025-525d870026 Packages in this update:
  • varnish-7.6.1-6.fc42
Update description:

Security: This update includes fixes for CVE-2025-47905 aka VSV00016: A client-side desync vulnerability can be triggered in Varnish Cache. This vulnerability can be triggered under specific circumstances involving malformed HTTP/1 chunked requests.

libtiff-4.7.0-6.fc42

Fedora Security Advisories
4 days 9 hours ago
FEDORA-2025-7d08872494 Packages in this update:
  • libtiff-4.7.0-6.fc42
Update description:
  • fix CVE-2025-8176: use after free in tiffmedian (rhbz#2383821)
  • fix CVE-2025-8177: buffer oveflow in thumbnail setrow when processing malformed TIFF (rhbz#2383827)

libtiff-4.7.0-5.fc43

Fedora Security Advisories
4 days 14 hours ago
FEDORA-2025-be254abbfe Packages in this update:
  • libtiff-4.7.0-5.fc43
Update description:

Automatic update for libtiff-4.7.0-5.fc43.

Changelog * Tue Jul 29 2025 Michal Hlavinka <mhlavink@redhat.com> - 4.7.0-5 - fix CVE-2025-8177: buffer oveflow in thumbnail setrow when processing malformed TIFF (rhbz#2383827)

perl-Crypt-CBC-2.33-26.el8

Fedora Security Advisories
5 days 13 hours ago
FEDORA-EPEL-2025-d79f9b7270 Packages in this update:
  • perl-Crypt-CBC-2.33-26.el8
Update description:

This update includes a backported fix for CVE-2025-2814 from upstream version 3.07, in which Crypt::URandom is used to read random bytes rather than falling back to Perl's insecure rand() function if using /dev/urandom directly wasn't possible.-

perl-Crypt-CBC-3.07-1.el9

Fedora Security Advisories
5 days 13 hours ago
FEDORA-EPEL-2025-e0c2088c0b Packages in this update:
  • perl-Crypt-CBC-3.07-1.el9
Update description:

This update, to the current upstream release version, includes a fix to source random numbers using the Crypt::URandom module rather than trying to read /dev/urandom and falling back to Perl's insecure rand() function if /dev/urandom is not usable (CVE-2025-2814).

perl-Crypt-CBC-3.07-1.fc41

Fedora Security Advisories
5 days 13 hours ago
FEDORA-2025-1d22f55c40 Packages in this update:
  • perl-Crypt-CBC-3.07-1.fc41
Update description:

This update, to the current upstream release version, includes a fix to source random numbers using the Crypt::URandom module rather than trying to read /dev/urandom and falling back to Perl's insecure rand() function if /dev/urandom is not usable (CVE-2025-2814).

perl-Crypt-CBC-3.07-1.fc42

Fedora Security Advisories
5 days 13 hours ago
FEDORA-2025-f7bc7b789f Packages in this update:
  • perl-Crypt-CBC-3.07-1.fc42
Update description:

This update, to the current upstream release version, includes a fix to source random numbers using the Crypt::URandom module rather than trying to read /dev/urandom and falling back to Perl's insecure rand() function if /dev/urandom is not usable (CVE-2025-2814).

perl-Crypt-CBC-3.07-1.el10_1

Fedora Security Advisories
5 days 13 hours ago
FEDORA-EPEL-2025-b9e24be489 Packages in this update:
  • perl-Crypt-CBC-3.07-1.el10_1
Update description:

This update, to the current upstream release version, includes a fix to source random numbers using the Crypt::URandom module rather than trying to read /dev/urandom and falling back to Perl's insecure rand() function if /dev/urandom is not usable (CVE-2025-2814).

node-exporter-1.9.1-2.el9

Fedora Security Advisories
6 days 16 hours ago
FEDORA-EPEL-2025-72356603ed Packages in this update:
  • node-exporter-1.9.1-2.el9
Update description:

Initial package of node-expoter for for EL9 using go-vendor-tools.

This obsoletes golang-github-prometheus-node-exporter and updates to latest 1.9.1 version.

Checked
24 minutes 20 seconds ago
URL
https://bodhi.fedoraproject.org/rss/updates/?type=security