Aggregator

USN-7456-1: Twig vulnerabilities

3 weeks 1 day ago
Fabien Potencier discovered that Twig did not run sandbox security checks in some circumstances. An attacker could possibly use this issue to cause a denial of service or execute arbitrary commands. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. (CVE-2024-45411)

Jamie Schouten discovered that Twig could bypass the security policy for an object call. An attacker could possibly use this issue to obtain sensitive information. (CVE-2024-51754)

USN-7455-3: Linux kernel (Real-time) vulnerabilities

3 weeks 1 day ago
Jann Horn discovered that the watch_queue event notification subsystem in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or escalate their privileges. (CVE-2022-0995)

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems:

  • Network drivers;
  • File systems infrastructure;
  • NTFS3 file system;
  • Ethernet bridge;
  • Ethtool driver;
  • IPv6 networking;
  • Network traffic control;
  • VMware vSockets driver;

(CVE-2024-56651, CVE-2025-21756, CVE-2024-26837, CVE-2025-21700, CVE-2024-46826, CVE-2024-50256, CVE-2024-50248, CVE-2025-21993, CVE-2025-21702, CVE-2025-21701, CVE-2025-21703)

USN-7455-2: Linux kernel (FIPS) vulnerabilities

3 weeks 1 day ago
Jann Horn discovered that the watch_queue event notification subsystem in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or escalate their privileges. (CVE-2022-0995)

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems:

  • Network drivers;
  • File systems infrastructure;
  • NTFS3 file system;
  • Ethernet bridge;
  • Ethtool driver;
  • IPv6 networking;
  • Network traffic control;
  • VMware vSockets driver;

(CVE-2024-26837, CVE-2025-21993, CVE-2025-21702, CVE-2025-21700, CVE-2025-21701, CVE-2024-50248, CVE-2024-56651, CVE-2024-46826, CVE-2024-50256, CVE-2025-21756, CVE-2025-21703)

USN-7455-1: Linux kernel vulnerabilities

3 weeks 1 day ago
Jann Horn discovered that the watch_queue event notification subsystem in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or escalate their privileges. (CVE-2022-0995)

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems:

  • Network drivers;
  • File systems infrastructure;
  • NTFS3 file system;
  • Ethernet bridge;
  • Ethtool driver;
  • IPv6 networking;
  • Network traffic control;
  • VMware vSockets driver;

(CVE-2025-21703, CVE-2024-56651, CVE-2024-50248, CVE-2025-21701, CVE-2024-26837, CVE-2024-46826, CVE-2025-21993, CVE-2025-21702, CVE-2024-50256, CVE-2025-21756, CVE-2025-21700)

valkey-8.0.3-1.fc41

3 weeks 2 days ago
FEDORA-2025-d191ee2f9a

Packages in this update:
  • valkey-8.0.3-1.fc41
Update description:

Valkey 8.0.3 - Released Wed 23 Apr 2025

Upgrade urgency SECURITY: This release includes security fixes we recommend you apply as soon as possible.

Bug fixes

  • Optimize RDB load performance and fix cluster mode resizing on replica side (#1199)
  • Fix memory leak in forgotten node ping ext code path (#1574)
  • Fix cluster info sent stats for message with light header (#1563)
  • Fix module LatencyAddSample still recording samples when latency-monitor-threshold is 0 (#1541)
  • Fix potential crash in radix tree recompression of huge keys (#1722)
  • Fix error "SSL routines::bad length" when connTLSWrite is called second time with smaller buffer (#1737)
  • Fix temp file leak during replication error handling (#1721)
  • Fix ACL LOAD crash on replica, since the primary client does not have a user (#1842)
  • Fix RANDOMKEY infinite loop during CLIENT PAUSE (#1850)
  • Fix: add samples to stream object consumer trees (#1825)
  • Fix cluster slot stats assertion during promotion of replica (#1950)
  • Fix panic in primary when blocking shutdown after previous block with timeout (#1948)
  • Ignore stale gossip packets that arrive out of order (#1777)
  • Fix incorrect lag reported in XINFO GROUPS (#1952)
  • Avoid shard id update of replica if not matching with primary shard id (#573)

Security fixes

  • CVE-2025-21605 Limit output buffer for unauthenticated clients (#1993)

valkey-8.0.3-1.el9

3 weeks 2 days ago
FEDORA-EPEL-2025-eb3543f6b8

Packages in this update:
  • valkey-8.0.3-1.el9
Update description: identical to the Valkey 8.0.3 release notes given in the valkey-8.0.3-1.fc41 entry above (security fix: CVE-2025-21605, limit output buffer for unauthenticated clients).

valkey-8.0.3-1.fc40

3 weeks 2 days ago
FEDORA-2025-59ebc165fc

Packages in this update:
  • valkey-8.0.3-1.fc40
Update description: identical to the Valkey 8.0.3 release notes given in the valkey-8.0.3-1.fc41 entry above (security fix: CVE-2025-21605, limit output buffer for unauthenticated clients).

valkey-8.0.3-1.fc42

3 weeks 2 days ago
FEDORA-2025-2ccc1f4ed9

Packages in this update:
  • valkey-8.0.3-1.fc42
Update description: identical to the Valkey 8.0.3 release notes given in the valkey-8.0.3-1.fc41 entry above (security fix: CVE-2025-21605, limit output buffer for unauthenticated clients).

valkey-8.0.3-1.el8

3 weeks 2 days ago
FEDORA-EPEL-2025-a73f52377d

Packages in this update:
  • valkey-8.0.3-1.el8
Update description: identical to the Valkey 8.0.3 release notes given in the valkey-8.0.3-1.fc41 entry above (security fix: CVE-2025-21605, limit output buffer for unauthenticated clients).

redis-7.2.8-1.fc40

3 weeks 2 days ago
FEDORA-2025-290b0c6e2b

Packages in this update:
  • redis-7.2.8-1.fc40
Update description:

Redis 7.2.8 Released Wed 23 Apr 2025 12:00:00 IST

Update urgency: SECURITY: There are security fixes in the release.

Security fixes

  • (CVE-2025-21605) An unauthenticated client can cause an unlimited growth of output buffers

Bug fixes

  • Fix race condition issues between the main thread and module threads
  • RANDOMKEY - infinite loop during client pause
  • ShardID inconsistency when both primary and replica support it