3 days 10 hours ago
FEDORA-EPEL-2025-9c03a7aa1d
Packages in this update:
Update description:
Fix CVE-2025-49091 - Konsole Remote Code Execution Vulnerability
3 days 10 hours ago
FEDORA-EPEL-2025-5fa07de5ca
Packages in this update:
Update description:
Fix CVE-2025-49091 - Konsole Remote Code Execution Vulnerability
3 days 12 hours ago
Several security issues were discovered in the WebKitGTK Web and JavaScript
engines. If a user were tricked into viewing a malicious website, a remote
attacker could exploit a variety of issues related to web browser security,
including cross-site scripting attacks, denial of service attacks, and
arbitrary code execution.
3 days 22 hours ago
Version: next-20250611 (linux-next)
Released: 2025-06-11
4 days 1 hour ago
It was discovered that libsoup did not correctly handle memory while
performing UTF-8 conversions. An attacker could possibly use this issue
to cause a denial of service or execute arbitrary code. This issue only
affected Ubuntu 16.04 LTS. (CVE-2024-52531)

It was discovered that libsoup could enter an infinite loop when reading
certain websocket data. An attacker could possibly use this issue to
cause a denial of service. This issue only affected Ubuntu 16.04 LTS.
(CVE-2024-52532)

It was discovered that libsoup could be made to read out of bounds. An
attacker could possibly use this issue to cause applications using
libsoup to crash, resulting in a denial of service. (CVE-2025-2784,
CVE-2025-32050, CVE-2025-32052, CVE-2025-32053)
4 days 9 hours ago
FEDORA-2025-25aa48d158
Packages in this update:
Update description:
Upgrade to libtpms 0.9.7 fixing CVE-2025-49133
4 days 9 hours ago
FEDORA-2025-77cdabc09b
Packages in this update:
Update description:
Upgrade to libtpms 0.10.1 fixing CVE-2025-49133
4 days 9 hours ago
It was discovered that .NET did not properly validate search path in
Microsoft.NETCore.App.Runtime. An attacker could possibly use this issue
to execute arbitrary code.
4 days 13 hours ago
It was discovered that Samba incorrectly handled certain group membership
changes when using Kerberos authentication. A remote user could possibly
use this issue to continue to access resources after being removed by an
administrator.
4 days 21 hours ago
Version: next-20250610 (linux-next)
Released: 2025-06-10
5 days 10 hours ago
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Clock framework and drivers;
- GPU drivers;
- Parport drivers;
- Ext4 file system;
- JFFS2 file system;
- JFS file system;
- File systems infrastructure;
- Sun RPC protocol;
- USB sound devices;
(CVE-2024-56551, CVE-2024-47701, CVE-2024-57850, CVE-2024-26966,
CVE-2021-47211, CVE-2024-56596, CVE-2024-53155, CVE-2024-42301,
CVE-2024-53168)
5 days 10 hours ago
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Clock framework and drivers;
- GPU drivers;
- Parport drivers;
- Ext4 file system;
- JFFS2 file system;
- JFS file system;
- File systems infrastructure;
- Sun RPC protocol;
- USB sound devices;
(CVE-2024-56596, CVE-2024-47701, CVE-2024-26966, CVE-2021-47211,
CVE-2024-42301, CVE-2024-57850, CVE-2024-53168, CVE-2024-53155,
CVE-2024-56551)
5 days 10 hours ago
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Clock framework and drivers;
- GPU drivers;
- Parport drivers;
- Ext4 file system;
- JFFS2 file system;
- JFS file system;
- File systems infrastructure;
- Sun RPC protocol;
- USB sound devices;
(CVE-2024-57850, CVE-2024-42301, CVE-2024-53155, CVE-2024-53168,
CVE-2024-26966, CVE-2021-47211, CVE-2024-56596, CVE-2024-56551,
CVE-2024-47701)
5 days 10 hours ago
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- GPU drivers;
- Sun RPC protocol;
(CVE-2024-56608, CVE-2024-53168, CVE-2024-56551)
5 days 12 hours ago
It was discovered that Tomcat did not include the secure attribute for
session cookies when using the RemoteIpFilter with requests from a reverse
proxy. An attacker could possibly use this issue to leak sensitive
information. This issue was fixed for tomcat8 on Ubuntu 18.04 LTS and for
tomcat9 on Ubuntu 24.04 LTS, Ubuntu 24.10, and Ubuntu 25.04.
(CVE-2023-28708)

It was discovered that Tomcat incorrectly recycled certain objects, which
could lead to information leaking from one request to the next. An attacker
could potentially use this issue to leak sensitive information. This issue
was fixed for tomcat8 on Ubuntu 18.04 LTS and for tomcat9 on Ubuntu 24.04
LTS, Ubuntu 24.10, and Ubuntu 25.04. (CVE-2023-42795)

It was discovered that Tomcat incorrectly handled HTTP trailer headers. A
remote attacker could possibly use this issue to perform HTTP request
smuggling. This issue was fixed for tomcat8 on Ubuntu 18.04 LTS and for
tomcat9 on Ubuntu 24.04 LTS, Ubuntu 24.10, and Ubuntu 25.04.
(CVE-2023-45648)

It was discovered that Tomcat incorrectly handled incomplete POST requests,
which could cause error responses to contain data from previous requests.
An attacker could potentially use this issue to leak sensitive information.
This issue was fixed for tomcat8 on Ubuntu 18.04 LTS and for tomcat9 on
Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2024-21733)

It was discovered that Tomcat incorrectly handled socket cleanup, which
could lead to websocket connections staying open. An attacker could
possibly use this issue to cause a denial of service. This issue was fixed
for tomcat8 on Ubuntu 18.04 LTS, tomcat9 on Ubuntu 24.04 LTS, Ubuntu 24.10,
and Ubuntu 25.04, and for tomcat10 on Ubuntu 24.04 LTS. (CVE-2024-23672)

It was discovered that Tomcat incorrectly handled HTTP/2 requests that
exceeded configured header limits. An attacker could possibly use this
issue to cause a denial of service. (CVE-2024-24549)

It was discovered that Tomcat incorrectly handled some cases of excessive
HTTP headers when processing HTTP/2 streams. This led to miscounting of
active streams and incorrect timeout handling. An attacker could possibly
use this issue to cause connections to remain open indefinitely, leading to
a denial of service. This issue was fixed for tomcat9 on Ubuntu 22.04 LTS,
Ubuntu 24.04 LTS, Ubuntu 24.10, and Ubuntu 25.04, and for tomcat10 on
Ubuntu 24.04 LTS. (CVE-2024-34750)

It was discovered that Tomcat incorrectly handled TLS handshake processes
under certain configurations. An attacker could possibly use this issue to
cause a denial of service. This issue was fixed for tomcat9 on Ubuntu 18.04
LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, Ubuntu 24.10,
and Ubuntu 25.04, and for tomcat10 on Ubuntu 24.04 LTS. (CVE-2024-38286)