1 week 1 day ago
FEDORA-2025-c09b980696
Packages in this update:
Update description:
fix possible issue reported by OSH
2.4.16 (fedora#2417970)
rebuild due binutils bug (fedora#2418285)
fix division by zero crash in pstops (fedora#2415396)
1 week 1 day ago
FEDORA-2025-f20b9f321d
Packages in this update:
Update description:
- Updated to latest upstream (146.0)
1 week 1 day ago
FEDORA-2025-4984e74557
Packages in this update:
Update description:
- Updated to latest upstream (146.0)
1 week 1 day ago
1 week 1 day ago
FEDORA-2025-7605ca0d7d
Packages in this update:
- cef-143.0.10^chromium143.0.7499.109-1.fc42
Update description:
Update to cef-143.0.9+ge88e818 + chromium-143.0.7499.40 (rhbz#2420939)
- High CVE-2025-13630: Type Confusion in V8
- High CVE-2025-13631: Inappropriate implementation in Google Updater
- High CVE-2025-13632: Inappropriate implementation in DevTools
- High CVE-2025-13633: Use after free in Digital Credentials
- Medium CVE-2025-13634: Inappropriate implementation in Downloads
- Medium CVE-2025-13720: Bad cast in Loader
- Medium CVE-2025-13721: Race in v8
- Low CVE-2025-13635: Inappropriate implementation in Downloads
- Low CVE-2025-13636: Inappropriate implementation in Split View
- Low CVE-2025-13637: Inappropriate implementation in Downloads
- Low CVE-2025-13638: Use after free in Media Stream
- Low CVE-2025-13639: Inappropriate implementation in WebRTC
- Low CVE-2025-13640: Inappropriate implementation in Passwords
1 week 1 day ago
FEDORA-2025-6e776254bf
Packages in this update:
- cef-143.0.10^chromium143.0.7499.109-1.fc43
Update description:
Update to cef-143.0.9+ge88e818 + chromium-143.0.7499.40 (rhbz#2420939)
- High CVE-2025-13630: Type Confusion in V8
- High CVE-2025-13631: Inappropriate implementation in Google Updater
- High CVE-2025-13632: Inappropriate implementation in DevTools
- High CVE-2025-13633: Use after free in Digital Credentials
- Medium CVE-2025-13634: Inappropriate implementation in Downloads
- Medium CVE-2025-13720: Bad cast in Loader
- Medium CVE-2025-13721: Race in v8
- Low CVE-2025-13635: Inappropriate implementation in Downloads
- Low CVE-2025-13636: Inappropriate implementation in Split View
- Low CVE-2025-13637: Inappropriate implementation in Downloads
- Low CVE-2025-13638: Use after free in Media Stream
- Low CVE-2025-13639: Inappropriate implementation in WebRTC
- Low CVE-2025-13640: Inappropriate implementation in Passwords
1 week 1 day ago
FEDORA-2025-2842f20915
Packages in this update:
- ansible-13.1.0-1.fc44
- ansible-core-2.20.1-1.fc44
Update description:
https://fedoraproject.org/wiki/Changes/Ansible13
- Close old CVE bugs
- Close bogus Markdown-It CVE bug
- Close unactionable ABRT bug
1 week 1 day ago
Version:next-20251212 (linux-next)
Released:2025-12-12
1 week 1 day ago
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Media drivers;
- Network drivers;
- Netfilter;
- TLS protocol;
(CVE-2025-21729, CVE-2025-38227, CVE-2025-38616, CVE-2025-38678)
1 week 1 day ago
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- x86 architecture;
- Cryptographic API;
- Android drivers;
- TTY drivers;
- F2FS file system;
- 9P file system network protocol;
(CVE-2025-40025, CVE-2025-40026, CVE-2025-40027, CVE-2025-40028,
CVE-2025-40108, CVE-2025-40109)
1 week 1 day ago
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Cryptographic API;
- Media drivers;
- Network drivers;
- AFS file system;
- F2FS file system;
- Tracing infrastructure;
- Netfilter;
(CVE-2022-49390, CVE-2024-47691, CVE-2024-50067, CVE-2024-53090,
CVE-2024-53218, CVE-2025-21855, CVE-2025-39964, CVE-2025-39993,
CVE-2025-40018)
1 week 1 day ago
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Cryptographic API;
- Media drivers;
- Network drivers;
- AFS file system;
- F2FS file system;
- Tracing infrastructure;
- Netfilter;
(CVE-2022-49390, CVE-2024-47691, CVE-2024-50067, CVE-2024-53090,
CVE-2024-53218, CVE-2025-21855, CVE-2025-39964, CVE-2025-39993,
CVE-2025-40018)
1 week 1 day ago
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Cryptographic API;
- Media drivers;
- Network drivers;
- AFS file system;
- F2FS file system;
- Tracing infrastructure;
- Netfilter;
(CVE-2022-49390, CVE-2024-47691, CVE-2024-50067, CVE-2024-53090,
CVE-2024-53218, CVE-2025-21855, CVE-2025-39964, CVE-2025-39993,
CVE-2025-40018)
1 week 1 day ago
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Cryptographic API;
- ACPI drivers;
- InfiniBand drivers;
- Media drivers;
- Network drivers;
- Pin controllers subsystem;
- AFS file system;
- F2FS file system;
- Tracing infrastructure;
- Memory management;
- Appletalk network protocol;
- Netfilter;
(CVE-2022-49026, CVE-2022-49390, CVE-2024-47691, CVE-2024-49935,
CVE-2024-50067, CVE-2024-50095, CVE-2024-50196, CVE-2024-53090,
CVE-2024-53218, CVE-2025-21855, CVE-2025-37958, CVE-2025-38666,
CVE-2025-39964, CVE-2025-39993, CVE-2025-40018)
1 week 1 day ago
Illia Volochii discovered that urllib3 did not limit the steps in a
decompression chain. An attacker could possibly use this issue to cause
urllib3 to use excessive resources, causing a denial of service.
(CVE-2025-66418)
Rui Xi discovered that urllib3 incorrectly handled highly compressed data.
An attacker could possibly use this issue to cause urllib3 to use excessive
resources, causing a denial of service. This issue only affected Ubuntu
24.04 LTS, Ubuntu 25.04, and Ubuntu 25.10. (CVE-2025-66471)
For the brotli encoding, the fix for CVE-2025-66471 requires an additional
security update in the brotli package.
1 week 1 day ago
Kay discovered that OpenStack Keystone incorrectly handled the ec2tokens
and s3tokens APIs. A remote attacker could possibly use this issue to
obtain unauthorized access and escalate privileges. (CVE-2025-65073)
It was discovered that OpenStack Keystone only validated the first 72
bytes of an application secret. An attacker could possibly use this issue
to bypass password complexity. (CVE-2021-3563)
It was discovered that OpenStack Keystone had a time lag before a token
should be revoked by the security policy. A remote administrator could use
this issue to maintain access for longer than expected. (CVE-2022-2447)
1 week 2 days ago
It was discovered that c-ares incorrectly handled terminating certain
queries after a maximum number of attempts. An attacker could possibly use
this issue to cause c-ares to crash, resulting in a denial of service.
1 week 2 days ago
FEDORA-2025-447e38400e
Packages in this update:
Update description:
Update to 2.22.11
1 week 2 days ago
FEDORA-2025-6ad9ed1275
Packages in this update:
Update description:
Update to 2.22.11
1 week 2 days ago
FEDORA-EPEL-2025-88d4453295
Packages in this update:
- fonttools-4.61.0-2.el10_2
- python-unicodedata2-17.0.0-1.el10_2
Update description:
Update to 17.0.0 version (#2412270)
