Aggregator

samba-4.22.2-1.fc43

Fedora Security Advisories
1 week 2 days ago
FEDORA-2025-a0d44a3ecf Packages in this update:
  • samba-4.22.2-1.fc43
Update description:

Automatic update for samba-4.22.2-1.fc43.

Changelog * Thu Jun 5 2025 Günther Deschner <gd@samba.org> - 2:4.22.2-1 - Update to Samba 4.22.2 - resolves: rhbz#2370468 - resolves: rhbz#2370455 - Security fix for CVE-2025-0620 * Wed Jun 4 2025 Python Maint <python-maint@redhat.com> - 2:4.22.1-2 - Rebuilt for Python 3.14

USN-7558-1: GStreamer Bad Plugins vulnerabilities

Ubuntu Security Advisories
1 week 2 days ago
It was discovered that the AV1 codec plugin in GStreamer could be made to write out of bounds. An attacker could possibly use this issue to cause applications using the plugin to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. (CVE-2023-50186, CVE-2024-0444) It was discovered that the H265 codec plugin in GStreamer could be made to write out of bounds. An attacker could possibly use this issue to cause applications using the plugin to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2025-3887)

python3.12-3.12.11-1.fc42

Fedora Security Advisories
1 week 2 days ago
FEDORA-2025-41dc96c19a Packages in this update:
  • python3.12-3.12.11-1.fc42
Update description:

Update to 3.12.11.

  • gh-135034: [CVE 2024-12718] [CVE 2025-4138] [CVE 2025-4330] [CVE 2025-4435] [CVE 2025-4517] Fixes multiple issues that allowed tarfile extraction filters (filter="data" and filter="tar") to be bypassed using crafted symlinks and hard links.
  • gh-133767: Fix use-after-free in the “unicode-escape” decoder with a non-“strict” error handler.
  • gh-128840: Short-circuit the processing of long IPv6 addresses early in ipaddress to prevent excessive memory consumption and a minor denial-of-service.

python3.12-3.12.11-1.fc41

Fedora Security Advisories
1 week 2 days ago
FEDORA-2025-3436f3d2b4 Packages in this update:
  • python3.12-3.12.11-1.fc41
Update description:

Update to 3.12.11.

  • gh-135034: [CVE 2024-12718] [CVE 2025-4138] [CVE 2025-4330] [CVE 2025-4435] [CVE 2025-4517] Fixes multiple issues that allowed tarfile extraction filters (filter="data" and filter="tar") to be bypassed using crafted symlinks and hard links.
  • gh-133767: Fix use-after-free in the “unicode-escape” decoder with a non-“strict” error handler.
  • gh-128840: Short-circuit the processing of long IPv6 addresses early in ipaddress to prevent excessive memory consumption and a minor denial-of-service.

python3.11-3.11.13-1.fc41

Fedora Security Advisories
1 week 2 days ago
FEDORA-2025-56b4c0f4c4 Packages in this update:
  • python3.11-3.11.13-1.fc41
Update description:

Update to 3.11.13.

  • gh-135034: [CVE 2024-12718] [CVE 2025-4138] [CVE 2025-4330] [CVE 2025-4435] [CVE 2025-4517] Fixes multiple issues that allowed tarfile extraction filters (filter="data" and filter="tar") to be bypassed using crafted symlinks and hard links.
  • gh-133767: Fix use-after-free in the “unicode-escape” decoder with a non-“strict” error handler.
  • gh-128840: Short-circuit the processing of long IPv6 addresses early in ipaddress to prevent excessive memory consumption and a minor denial-of-service.

python3.11-3.11.13-1.fc42

Fedora Security Advisories
1 week 2 days ago
FEDORA-2025-81adcd3389 Packages in this update:
  • python3.11-3.11.13-1.fc42
Update description:

Update to 3.11.13.

  • gh-135034: [CVE 2024-12718] [CVE 2025-4138] [CVE 2025-4330] [CVE 2025-4435] [CVE 2025-4517] Fixes multiple issues that allowed tarfile extraction filters (filter="data" and filter="tar") to be bypassed using crafted symlinks and hard links.
  • gh-133767: Fix use-after-free in the “unicode-escape” decoder with a non-“strict” error handler.
  • gh-128840: Short-circuit the processing of long IPv6 addresses early in ipaddress to prevent excessive memory consumption and a minor denial-of-service.

aerc-0.20.1-3.fc43

Fedora Security Advisories
1 week 2 days ago
FEDORA-2025-edd8754757 Packages in this update:
  • aerc-0.20.1-3.fc43
Update description:

Automatic update for aerc-0.20.1-3.fc43.

Changelog * Thu Jun 5 2025 Robin Jarry <robin@jarry.cc> - 0.20.1-3 - Fix CVE-2025-49466 (fedora#2370376) * Wed Apr 16 2025 Michael J Gruber <mjg@fedoraproject.org> - 0.20.1-2 - exclude i686 arch for i686 leaf package

chromium-137.0.7151.68-1.el9

Fedora Security Advisories
1 week 2 days ago
FEDORA-EPEL-2025-770f8ff502 Packages in this update:
  • chromium-137.0.7151.68-1.el9
Update description:

Update to 137.0.7151.68

  • CVE-2025-5419: Out of bounds read and write in V8
  • CVE-2025-5068: Use after free in Blink

chromium-137.0.7151.68-1.fc41

Fedora Security Advisories
1 week 2 days ago
FEDORA-2025-be7ea2f22d Packages in this update:
  • chromium-137.0.7151.68-1.fc41
Update description:

Update to 137.0.7151.68

  • CVE-2025-5419: Out of bounds read and write in V8
  • CVE-2025-5068: Use after free in Blink

chromium-137.0.7151.68-1.el10_1

Fedora Security Advisories
1 week 2 days ago
FEDORA-EPEL-2025-5b9dcd5d94 Packages in this update:
  • chromium-137.0.7151.68-1.el10_1
Update description:

Update to 137.0.7151.68

  • CVE-2025-5419: Out of bounds read and write in V8
  • CVE-2025-5068: Use after free in Blink

chromium-137.0.7151.68-1.fc42

Fedora Security Advisories
1 week 2 days ago
FEDORA-2025-bc0d109630 Packages in this update:
  • chromium-137.0.7151.68-1.fc42
Update description:

Update to 137.0.7151.68

  • CVE-2025-5419: Out of bounds read and write in V8
  • CVE-2025-5068: Use after free in Blink