perl-Crypt-OpenSSL-RSA-0.35-1.fc42
FEDORA-2025-52b352c9cd
Packages in this update:
- perl-Crypt-OpenSSL-RSA-0.35-1.fc42
Update to 0.35, fixes CVE-2024-2467
Aggregator
perl-Crypt-OpenSSL-RSA-0.35-1.el10_0
FEDORA-EPEL-2025-6fce9884da
Packages in this update:
- perl-Crypt-OpenSSL-RSA-0.35-1.el10_0
Update to 0.35, fixes CVE-2024-2467
perl-CryptX-0.087-2.el9
FEDORA-EPEL-2025-6c475f1e10
Packages in this update:
- perl-CryptX-0.087-2.el9
Update to 0.087, fixes CVE-2025-40914
perl-CryptX-0.087-2.fc42
FEDORA-2025-34b9058968
Packages in this update:
- perl-CryptX-0.087-2.fc42
Update to 0.087, fixes CVE-2025-40914
perl-CryptX-0.087-2.el10_0
FEDORA-EPEL-2025-a3baa1a02f
Packages in this update:
- perl-CryptX-0.087-2.el10_0
Update to 0.087, fixes CVE-2025-40914
perl-CryptX-0.087-2.el8
FEDORA-EPEL-2025-5fb24f9895
Packages in this update:
- perl-CryptX-0.087-2.el8
Update to 0.087, fixes CVE-2025-40914
perl-CryptX-0.087-2.fc41
FEDORA-2025-aff64b1f48
Packages in this update:
- perl-CryptX-0.087-2.fc41
Update to 0.087, fixes CVE-2025-40914
perl-CryptX-0.087-2.el10_1
FEDORA-EPEL-2025-9f053024cf
Packages in this update:
- perl-CryptX-0.087-2.el10_1
Update to 0.087, fixes CVE-2025-40914
USN-7573-2: X.Org X Server vulnerabilities
USN-7573-1 fixed several vulnerabilities in X.Org. This update provides
the corresponding update for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu
20.04 LTS.
Original advisory details:
Nils Emmerich discovered that the X.Org X Server incorrectly handled
certain memory operations. An attacker could use these issues to cause the
X Server to crash, leading to a denial of service, obtain sensitive
information, or possibly execute arbitrary code.
libblockdev-3.2.2-1.fc41
FEDORA-2025-4f28b95d7e
Packages in this update:
- libblockdev-3.2.2-1.fc41
Don't allow suid and dev set on fs resize (Thomas.Blume)
libblockdev-3.3.1-1.fc42
FEDORA-2025-af7ba2696c
Packages in this update:
- libblockdev-3.3.1-1.fc42
Automatic update for libblockdev-3.3.1-1.fc42.
Changelog for libblockdev * Wed Jun 18 2025 Packit <hello@packit.dev> - 3.3.1-1 - Update to version 3.3.1next-20250618: linux-next
Version:next-20250618 (linux-next)
Released:2025-06-18
DSA-5944-1 chromium - security update
USN-7574-1: Go vulnerabilities
Kyle Seely discovered that the Go net/http module did not properly handle
sensitive headers during repeated redirects. An attacker could possibly
use this issue to obtain sensitive information. (CVE-2024-45336)
Juho Forsén discovered that the Go crypto/x509 module incorrectly handled
IPv6 addresses during URI parsing. An attacker could possibly use this
issue to bypass certificate URI constraints. (CVE-2024-45341)
It was discovered that the Go crypto module did not properly handle
variable time instructions under certain circumstances on 64-bit Power
(ppc64el) systems. An attacker could possibly use this issue to expose
sensitive information. (CVE-2025-22866)
It was discovered that the Go http/httpproxy module did not properly
handle IPv6 zone IDs during hostname matching. An attacker could possibly
use this issue to cause a denial of service. (CVE-2025-22870)
Takeshi Kaneko discovered that the Go net/http module did not properly
strip sensitive proxy headers during redirect requests. An attacker could
possibly use this issue to obtain sensitive information. (CVE-2025-4673)
USN-7576-1: dwarfutils vulnerabilities
It was discovered that dwarfutils did not correctly certain memory
operations, which could lead to a buffer overflow. An attacker could
possibly use this issue to cause a denial of service or execute arbitrary
code.
USN-7575-1: MuJS vulnerabilities
It was discovered that MuJS did not correctly handle try/finally
statements, which could lead to a buffer overflow. An attacker could
possibly use this issue to cause a denial of service or execute
arbitrary code. (CVE-2021-45005)
Han Zheng discovered that MuJS did not correctly handle recursion, which
could lead to stack exhaustion. An attacker could possibly use this
issue to cause a denial of service. (CVE-2022-30974)
Han Zheng discovered that MuJS did not correctly handle certain memory
operations. An attacker could possibly use this issue to cause a denial
of service. (CVE-2022-30975)
python-pycares-4.9.0-1.fc41
FEDORA-2025-c10725fc18
Packages in this update:
- python-pycares-4.9.0-1.fc41
4.9.0
USN-7573-1: X.Org X Server vulnerabilities
Nils Emmerich discovered that the X.Org X Server incorrectly handled
certain memory operations. An attacker could use these issues to cause the
X Server to crash, leading to a denial of service, obtain sensitive
information, or possibly execute arbitrary code.
USN-7555-3: Django vulnerability
USN-7555-1 fixed a vulnerability in Django. This update provides an
additional fix for Ubuntu 20.04 LTS.
Original advisory details:
It was discovered that Django incorrectly handled certain
unescaped request paths. An attacker could possibly use this
issue to perform a log injection.
spdlog-1.14.1-4.fc41
FEDORA-2025-7d5c7fe0c7
Packages in this update:
- spdlog-1.14.1-4.fc41
Backported the upstream CVE-2025-6140 fix.