Aggregator

FEDORA-2025-7bef956026 Packages in this update:

• rnp-0.18.1-1.fc42

Update description:

Version 0.18.1

Security

• Fixed critical issue where PKESK (public-key encrypted) session keys were generated as all-zero, allowing trivial decryption of messages encrypted with public keys only (CVE-2025-13402)

FEDORA-EPEL-2025-06a66cd929 Packages in this update:

• rnp-0.18.1-1.el9

Update description:

Version 0.18.1

Security

• Fixed critical issue where PKESK (public-key encrypted) session keys were generated as all-zero, allowing trivial decryption of messages encrypted with public keys only (CVE-2025-13402)

FEDORA-2025-bc8b81c28d Packages in this update:

• rnp-0.18.1-1.fc41

Update description:

Version 0.18.1

Security

• Fixed critical issue where PKESK (public-key encrypted) session keys were generated as all-zero, allowing trivial decryption of messages encrypted with public keys only (CVE-2025-13402)

FEDORA-EPEL-2025-5eddd94672 Packages in this update:

• rnp-0.18.1-1.el10_2

Update description:

Version 0.18.1

Security

• Fixed critical issue where PKESK (public-key encrypted) session keys were generated as all-zero, allowing trivial decryption of messages encrypted with public keys only (CVE-2025-13402)

It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. (CVE-2024-36331) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - S390 architecture; - x86 architecture; - Network block device driver; - Character device driver; - Clock framework and drivers; - Data acquisition framework and drivers; - Hardware crypto device drivers; - Device frequency scaling framework; - DMA engine subsystem; - EDAC drivers; - GPU drivers; - HID subsystem; - Hardware monitoring drivers; - I2C subsystem; - IIO subsystem; - IIO ADC drivers; - InfiniBand drivers; - Input Device core drivers; - Multiple devices driver; - Media drivers; - Network drivers; - Mellanox network drivers; - PCI subsystem; - PHY drivers; - Pin controllers subsystem; - x86 platform drivers; - Power supply drivers; - Powercap sysfs driver; - Voltage and Current Regulator drivers; - S/390 drivers; - ASPEED SoC drivers; - SPI subsystem; - small TFT LCD display modules; - Media staging drivers; - USB Gadget drivers; - vDPA drivers; - VFIO drivers; - Framebuffer layer; - Xen hypervisor drivers; - BTRFS file system; - Ceph distributed file system; - EFI Variable file system; - File systems infrastructure; - F2FS file system; - GFS2 file system; - Network file systems library; - Network file system (NFS) client; - Network file system (NFS) server daemon; - NILFS2 file system; - NTFS3 file system; - Proc file system; - SMB network file system; - DRM display driver; - io_uring subsystem; - Internal shared memory driver; - padata parallel execution mechanism; - Networking subsytem; - Bluetooth subsystem; - Netfilter; - UDP network protocol; - Tracing infrastructure; - BPF subsystem; - Perf events; - Padata parallel execution mechanism; - Codetag library; - KASAN memory debugging framework; - Memory management; - 802.1Q VLAN protocol; - Appletalk network protocol; - Asynchronous Transfer Mode (ATM) subsystem; - Networking core; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - Multipath TCP; - Netlink; - RxRPC session sockets; - Network traffic control; - SMC sockets; - Sun RPC protocol; - TIPC protocol; - TLS protocol; - VMware vSockets driver; - Wireless networking; - XFRM subsystem; - ADI SoundPort AD1816A based soundcard drivers; - MediaTek ASoC drivers; - SOF drivers; - USB sound devices; - KVM subsystem; (CVE-2025-38335, CVE-2025-38349, CVE-2025-38351, CVE-2025-38437, CVE-2025-38438, CVE-2025-38439, CVE-2025-38440, CVE-2025-38441, CVE-2025-38443, CVE-2025-38444, CVE-2025-38445, CVE-2025-38446, CVE-2025-38448, CVE-2025-38449, CVE-2025-38450, CVE-2025-38451, CVE-2025-38452, CVE-2025-38453, CVE-2025-38454, CVE-2025-38455, CVE-2025-38456, CVE-2025-38457, CVE-2025-38458, CVE-2025-38459, CVE-2025-38460, CVE-2025-38461, CVE-2025-38462, CVE-2025-38463, CVE-2025-38464, CVE-2025-38465, CVE-2025-38466, CVE-2025-38467, CVE-2025-38468, CVE-2025-38469, CVE-2025-38470, CVE-2025-38471, CVE-2025-38472, CVE-2025-38473, CVE-2025-38474, CVE-2025-38475, CVE-2025-38476, CVE-2025-38478, CVE-2025-38480, CVE-2025-38481, CVE-2025-38482, CVE-2025-38483, CVE-2025-38484, CVE-2025-38485, CVE-2025-38487, CVE-2025-38488, CVE-2025-38489, CVE-2025-38490, CVE-2025-38491, CVE-2025-38492, CVE-2025-38493, CVE-2025-38494, CVE-2025-38495, CVE-2025-38496, CVE-2025-38497, CVE-2025-38501, CVE-2025-38503, CVE-2025-38505, CVE-2025-38506, CVE-2025-38507, CVE-2025-38508, CVE-2025-38509, CVE-2025-38510, CVE-2025-38511, CVE-2025-38512, CVE-2025-38513, CVE-2025-38514, CVE-2025-38515, CVE-2025-38516, CVE-2025-38517, CVE-2025-38520, CVE-2025-38521, CVE-2025-38524, CVE-2025-38525, CVE-2025-38526, CVE-2025-38527, CVE-2025-38528, CVE-2025-38529, CVE-2025-38530, CVE-2025-38531, CVE-2025-38532, CVE-2025-38533, CVE-2025-38534, CVE-2025-38535, CVE-2025-38537, CVE-2025-38538, CVE-2025-38539, CVE-2025-38540, CVE-2025-38542, CVE-2025-38543, CVE-2025-38544, CVE-2025-38545, CVE-2025-38546, CVE-2025-38547, CVE-2025-38548, CVE-2025-38549, CVE-2025-38550, CVE-2025-38551, CVE-2025-38552, CVE-2025-38553, CVE-2025-38555, CVE-2025-38556, CVE-2025-38557, CVE-2025-38558, CVE-2025-38559, CVE-2025-38560, CVE-2025-38561, CVE-2025-38562, CVE-2025-38563, CVE-2025-38565, CVE-2025-38566, CVE-2025-38567, CVE-2025-38568, CVE-2025-38569, CVE-2025-38570, CVE-2025-38571, CVE-2025-38572, CVE-2025-38573, CVE-2025-38574, CVE-2025-38576, CVE-2025-38577, CVE-2025-38578, CVE-2025-38579, CVE-2025-38581, CVE-2025-38582, CVE-2025-38583, CVE-2025-38584, CVE-2025-38585, CVE-2025-38586, CVE-2025-38587, CVE-2025-38588, CVE-2025-38589, CVE-2025-38590, CVE-2025-38593, CVE-2025-38595, CVE-2025-38601, CVE-2025-38602, CVE-2025-38604, CVE-2025-38605, CVE-2025-38606, CVE-2025-38608, CVE-2025-38609, CVE-2025-38610, CVE-2025-38612, CVE-2025-38615, CVE-2025-38616, CVE-2025-38619, CVE-2025-38622, CVE-2025-38623, CVE-2025-38624, CVE-2025-38625, CVE-2025-38626, CVE-2025-38628, CVE-2025-38629, CVE-2025-38630, CVE-2025-38631, CVE-2025-38632, CVE-2025-38634, CVE-2025-38635, CVE-2025-38639, CVE-2025-38640, CVE-2025-38642, CVE-2025-38643, CVE-2025-38644, CVE-2025-38645, CVE-2025-38646, CVE-2025-38648, CVE-2025-38649, CVE-2025-38650, CVE-2025-38652, CVE-2025-38653, CVE-2025-38654, CVE-2025-38655, CVE-2025-38659, CVE-2025-38660, CVE-2025-38662, CVE-2025-38663, CVE-2025-38664, CVE-2025-38665, CVE-2025-38666, CVE-2025-38668, CVE-2025-38670, CVE-2025-38671, CVE-2025-38675, CVE-2025-38678, CVE-2025-39725, CVE-2025-39726, CVE-2025-39727, CVE-2025-39730, CVE-2025-39731, CVE-2025-39732, CVE-2025-39734, CVE-2025-39809, CVE-2025-39818, CVE-2025-40157)

FEDORA-2025-d41f5f4a2a Packages in this update:

• chromium-142.0.7444.175-2.fc43

Update description:

Update to 142.0.7444.175

* High CVE-2025-13223: Type Confusion in V8 * High CVE-2025-13224: Type Confusion in V8

FEDORA-EPEL-2025-cdf5100498 Packages in this update:

• chromium-142.0.7444.175-2.el9

Update description:

Update to 142.0.7444.175

* High CVE-2025-13223: Type Confusion in V8 * High CVE-2025-13224: Type Confusion in V8

Update to 142.0.7444.162

* High CVE-2025-13042: Inappropriate implementation in V8

FEDORA-2025-ee528a170d Packages in this update:

• chromium-142.0.7444.175-2.fc41

Update description:

Update to 142.0.7444.175

* High CVE-2025-13223: Type Confusion in V8 * High CVE-2025-13224: Type Confusion in V8

FEDORA-EPEL-2025-62f79f7f05 Packages in this update:

• chromium-142.0.7444.175-2.el10_2

Update description:

Update to 142.0.7444.175

* High CVE-2025-13223: Type Confusion in V8 * High CVE-2025-13224: Type Confusion in V8

FEDORA-2025-54b43715b6 Packages in this update:

• chromium-142.0.7444.175-2.fc42

Update description:

Update to 142.0.7444.175

* High CVE-2025-13223: Type Confusion in V8 * High CVE-2025-13224: Type Confusion in V8

Version:next-20251121 (linux-next) Released:2025-11-21

FEDORA-2025-45b1844342 Packages in this update:

• gnutls-3.8.11-1.fc43

Update description:

Update to the 3.8.11 release with a fix for CVE-2025-9820 and several enhancements.

It was discovered that ImageMagick did not properly handle memory when encoding BMP images. An attacker could possibly use this issue to cause ImageMagick to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue exists due to an incomplete fix for CVE-2025-57803.

It was discovered that cups-filters incorrectly handled certain malformed TIFF image files. A remote attacker could use this issue to cause cups-filters to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2025-57812) It was discovered that cups-filters incorrectly handled certain malformed PDF document files. A remote attacker could use this issue to cause cups-filters to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2025-64503) It was discovered that cups-filters incorrectly handled certain malformed CUPS Raster files. A remote attacker could use this issue to cause cups-filters to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2025-64524)

It was discovered that libcupsfilters incorrectly handled certain malformed TIFF image files. A remote attacker could use this issue to cause libcupsfilters to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2025-57812) It was discovered that libcupsfilters incorrectly handled certain malformed PDF document files. A remote attacker could use this issue to cause libcupsfilters to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2025-64503)

Version:next-20251120 (linux-next) Released:2025-11-20

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this to expose sensitive information from the host OS. (CVE-2025-40300) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - HSI subsystem; - Bluetooth subsystem; - Timer subsystem; (CVE-2025-37838, CVE-2025-38118, CVE-2025-38352)

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this to expose sensitive information from the host OS. (CVE-2025-40300) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - DMA engine subsystem; - GPU drivers; - HSI subsystem; - Media drivers; - Ethernet team driver; - SPI subsystem; - USB core drivers; - Framebuffer layer; - BTRFS file system; - Ext4 file system; - Network file system (NFS) server daemon; - NILFS2 file system; - Timer subsystem; - DCCP (Datagram Congestion Control Protocol); - IPv6 networking; - NET/ROM layer; - Packet sockets; - Network traffic control; - SCTP protocol; - VMware vSockets driver; - USB sound devices; (CVE-2023-52477, CVE-2023-52574, CVE-2023-52650, CVE-2024-27074, CVE-2024-35849, CVE-2024-41006, CVE-2024-47685, CVE-2024-49924, CVE-2024-50006, CVE-2024-50051, CVE-2024-50202, CVE-2024-50299, CVE-2024-53124, CVE-2024-53130, CVE-2024-53131, CVE-2024-53150, CVE-2024-56767, CVE-2024-57996, CVE-2025-21796, CVE-2025-37752, CVE-2025-37785, CVE-2025-37838, CVE-2025-38350, CVE-2025-38352, CVE-2025-38477, CVE-2025-38617, CVE-2025-38618)

FEDORA-2025-355d5aac01 Packages in this update:

• drupal7-7.103-1.fc43

Update description:

• https://www.drupal.org/project/drupal/releases/7.99
• https://www.drupal.org/project/drupal/releases/7.100
• https://www.drupal.org/project/drupal/releases/7.101
• https://www.drupal.org/project/drupal/releases/7.102
  • https://www.drupal.org/sa-core-2024-005
  • https://www.drupal.org/sa-core-2024-008
• https://www.drupal.org/project/drupal/releases/7.103

FEDORA-2025-f8a08bb335 Packages in this update:

• drupal7-7.103-1.fc42

Update description:

• https://www.drupal.org/project/drupal/releases/7.99
• https://www.drupal.org/project/drupal/releases/7.100
• https://www.drupal.org/project/drupal/releases/7.101
• https://www.drupal.org/project/drupal/releases/7.102
  • https://www.drupal.org/sa-core-2024-005
  • https://www.drupal.org/sa-core-2024-008
• https://www.drupal.org/project/drupal/releases/7.103