Fedora Security Advisories

libsoup3-3.6.5-2.fc41

Fedora Security Advisories
3 weeks 1 day ago
FEDORA-2025-1f41505af2 Packages in this update:
  • libsoup3-3.6.5-2.fc41
Update description:

This update fixes these CVEs: CVE-2025-4948 CVE-2025-32908 CVE-2025-32907 CVE-2025-4969 CVE-2025-4945 CVE-2025-4476

libsoup3-3.6.5-2.fc42

Fedora Security Advisories
3 weeks 1 day ago
FEDORA-2025-99768b0fab Packages in this update:
  • libsoup3-3.6.5-2.fc42
Update description:

This update fixes these CVEs: CVE-2025-4948 CVE-2025-32908 CVE-2025-32907 CVE-2025-4969 CVE-2025-4945 CVE-2025-4476

varnish-7.6.1-6.fc42

Fedora Security Advisories
3 weeks 1 day ago
FEDORA-2025-525d870026 Packages in this update:
  • varnish-7.6.1-6.fc42
Update description:

Security: This update includes fixes for CVE-2025-47905 aka VSV00016: A client-side desync vulnerability can be triggered in Varnish Cache. This vulnerability can be triggered under specific circumstances involving malformed HTTP/1 chunked requests.

libtiff-4.7.0-6.fc42

Fedora Security Advisories
3 weeks 1 day ago
FEDORA-2025-7d08872494 Packages in this update:
  • libtiff-4.7.0-6.fc42
Update description:
  • fix CVE-2025-8176: use after free in tiffmedian (rhbz#2383821)
  • fix CVE-2025-8177: buffer oveflow in thumbnail setrow when processing malformed TIFF (rhbz#2383827)

libtiff-4.7.0-5.fc43

Fedora Security Advisories
3 weeks 1 day ago
FEDORA-2025-be254abbfe Packages in this update:
  • libtiff-4.7.0-5.fc43
Update description:

Automatic update for libtiff-4.7.0-5.fc43.

Changelog * Tue Jul 29 2025 Michal Hlavinka <mhlavink@redhat.com> - 4.7.0-5 - fix CVE-2025-8177: buffer oveflow in thumbnail setrow when processing malformed TIFF (rhbz#2383827)

perl-Crypt-CBC-2.33-26.el8

Fedora Security Advisories
3 weeks 2 days ago
FEDORA-EPEL-2025-d79f9b7270 Packages in this update:
  • perl-Crypt-CBC-2.33-26.el8
Update description:

This update includes a backported fix for CVE-2025-2814 from upstream version 3.07, in which Crypt::URandom is used to read random bytes rather than falling back to Perl's insecure rand() function if using /dev/urandom directly wasn't possible.-

perl-Crypt-CBC-3.07-1.el9

Fedora Security Advisories
3 weeks 2 days ago
FEDORA-EPEL-2025-e0c2088c0b Packages in this update:
  • perl-Crypt-CBC-3.07-1.el9
Update description:

This update, to the current upstream release version, includes a fix to source random numbers using the Crypt::URandom module rather than trying to read /dev/urandom and falling back to Perl's insecure rand() function if /dev/urandom is not usable (CVE-2025-2814).

perl-Crypt-CBC-3.07-1.fc41

Fedora Security Advisories
3 weeks 2 days ago
FEDORA-2025-1d22f55c40 Packages in this update:
  • perl-Crypt-CBC-3.07-1.fc41
Update description:

This update, to the current upstream release version, includes a fix to source random numbers using the Crypt::URandom module rather than trying to read /dev/urandom and falling back to Perl's insecure rand() function if /dev/urandom is not usable (CVE-2025-2814).

perl-Crypt-CBC-3.07-1.fc42

Fedora Security Advisories
3 weeks 2 days ago
FEDORA-2025-f7bc7b789f Packages in this update:
  • perl-Crypt-CBC-3.07-1.fc42
Update description:

This update, to the current upstream release version, includes a fix to source random numbers using the Crypt::URandom module rather than trying to read /dev/urandom and falling back to Perl's insecure rand() function if /dev/urandom is not usable (CVE-2025-2814).

Checked
36 minutes 40 seconds ago
URL
https://bodhi.fedoraproject.org/rss/updates/?type=security