Aggregator

FEDORA-2025-62d125612b Packages in this update:

• qt6-qtdeclarative-6.9.3-2.fc42

Update description:

CVE-2025-12385: Fix improper validation of img tag size in Text component parser

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - x86 architecture; - Block layer subsystem; - ACPI drivers; - ATM drivers; - DRBD Distributed Replicated Block Device drivers; - Bus devices; - Clock framework and drivers; - Data acquisition framework and drivers; - Hardware crypto device drivers; - Device frequency scaling framework; - Buffer Sharing and Synchronization framework; - DMA engine subsystem; - ARM SCMI message protocol; - GPU drivers; - HID subsystem; - Hardware monitoring drivers; - I2C subsystem; - I3C subsystem; - IIO subsystem; - InfiniBand drivers; - Input Device core drivers; - IOMMU subsystem; - Media drivers; - Network drivers; - Mellanox network drivers; - PCI subsystem; - PCCARD (PCMCIA/CardBus) bus subsystem; - PHY drivers; - Power supply drivers; - Voltage and Current Regulator drivers; - SCSI subsystem; - ASPEED SoC drivers; - QCOM SoC drivers; - small TFT LCD display modules; - Trusted Execution Environment drivers; - TTY drivers; - UFS subsystem; - USB core drivers; - DesignWare USB3 driver; - USB Gadget drivers; - Framebuffer layer; - BTRFS file system; - File systems infrastructure; - EFI Variable file system; - Ext4 file system; - F2FS file system; - JFS file system; - Network file system (NFS) client; - Network file system (NFS) server daemon; - NILFS2 file system; - NTFS3 file system; - SMB network file system; - Asynchronous Transfer Mode (ATM) subsystem; - BPF subsystem; - NFS page cache wrapper; - Memory management; - Networking subsytem; - UDP network protocol; - Perf events; - RCU subsystem; - Tracing infrastructure; - 802.1Q VLAN protocol; - Appletalk network protocol; - Amateur Radio drivers; - B.A.T.M.A.N. meshing protocol; - Bluetooth subsystem; - Ethernet bridge; - Networking core; - HSR network protocol; - IPv4 networking; - IPv6 networking; - Multipath TCP; - Netfilter; - Network traffic control; - SCTP protocol; - TLS protocol; - Wireless networking; - SoC audio core drivers; - USB sound devices; (CVE-2022-50070, CVE-2022-50327, CVE-2023-52935, CVE-2023-53074, CVE-2024-50061, CVE-2024-53068, CVE-2025-37925, CVE-2025-37968, CVE-2025-38095, CVE-2025-38148, CVE-2025-38165, CVE-2025-38335, CVE-2025-38347, CVE-2025-38468, CVE-2025-38470, CVE-2025-38473, CVE-2025-38474, CVE-2025-38476, CVE-2025-38478, CVE-2025-38480, CVE-2025-38481, CVE-2025-38482, CVE-2025-38483, CVE-2025-38487, CVE-2025-38488, CVE-2025-38494, CVE-2025-38495, CVE-2025-38497, CVE-2025-38499, CVE-2025-38502, CVE-2025-38527, CVE-2025-38528, CVE-2025-38529, CVE-2025-38530, CVE-2025-38535, CVE-2025-38538, CVE-2025-38539, CVE-2025-38548, CVE-2025-38550, CVE-2025-38553, CVE-2025-38555, CVE-2025-38563, CVE-2025-38565, CVE-2025-38569, CVE-2025-38572, CVE-2025-38574, CVE-2025-38576, CVE-2025-38577, CVE-2025-38578, CVE-2025-38579, CVE-2025-38581, CVE-2025-38583, CVE-2025-38601, CVE-2025-38602, CVE-2025-38604, CVE-2025-38608, CVE-2025-38609, CVE-2025-38612, CVE-2025-38614, CVE-2025-38622, CVE-2025-38623, CVE-2025-38624, CVE-2025-38630, CVE-2025-38634, CVE-2025-38635, CVE-2025-38639, CVE-2025-38645, CVE-2025-38650, CVE-2025-38652, CVE-2025-38663, CVE-2025-38664, CVE-2025-38666, CVE-2025-38668, CVE-2025-38670, CVE-2025-38671, CVE-2025-38676, CVE-2025-38677, CVE-2025-38678, CVE-2025-38680, CVE-2025-38681, CVE-2025-38683, CVE-2025-38684, CVE-2025-38685, CVE-2025-38687, CVE-2025-38691, CVE-2025-38693, CVE-2025-38694, CVE-2025-38695, CVE-2025-38696, CVE-2025-38697, CVE-2025-38698, CVE-2025-38699, CVE-2025-38700, CVE-2025-38701, CVE-2025-38706, CVE-2025-38707, CVE-2025-38708, CVE-2025-38711, CVE-2025-38712, CVE-2025-38713, CVE-2025-38714, CVE-2025-38715, CVE-2025-38718, CVE-2025-38721, CVE-2025-38724, CVE-2025-38725, CVE-2025-38729, CVE-2025-38732, CVE-2025-39673, CVE-2025-39675, CVE-2025-39676, CVE-2025-39681, CVE-2025-39683, CVE-2025-39684, CVE-2025-39685, CVE-2025-39686, CVE-2025-39687, CVE-2025-39689, CVE-2025-39691, CVE-2025-39693, CVE-2025-39697, CVE-2025-39702, CVE-2025-39703, CVE-2025-39709, CVE-2025-39710, CVE-2025-39713, CVE-2025-39714, CVE-2025-39724, CVE-2025-39730, CVE-2025-39734, CVE-2025-39736, CVE-2025-39737, CVE-2025-39738, CVE-2025-39742, CVE-2025-39743, CVE-2025-39749, CVE-2025-39752, CVE-2025-39756, CVE-2025-39757, CVE-2025-39760, CVE-2025-39766, CVE-2025-39772, CVE-2025-39773, CVE-2025-39776, CVE-2025-39782, CVE-2025-39783, CVE-2025-39787, CVE-2025-39788, CVE-2025-39790, CVE-2025-39794, CVE-2025-39795, CVE-2025-39798, CVE-2025-39801, CVE-2025-39806, CVE-2025-39808, CVE-2025-39812, CVE-2025-39813, CVE-2025-39817, CVE-2025-39823, CVE-2025-39824, CVE-2025-39828, CVE-2025-39835, CVE-2025-39839, CVE-2025-39841, CVE-2025-39844, CVE-2025-39845, CVE-2025-39846, CVE-2025-39847, CVE-2025-39848, CVE-2025-39853, CVE-2025-39860, CVE-2025-39864, CVE-2025-39865, CVE-2025-39866, CVE-2025-39891, CVE-2025-39894, CVE-2025-39902, CVE-2025-39920)

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Media drivers; - Network drivers; - Netfilter; - TLS protocol; (CVE-2025-21729, CVE-2025-38227, CVE-2025-38616, CVE-2025-38678)

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - x86 architecture; - Cryptographic API; - Android drivers; - TTY drivers; - F2FS file system; - 9P file system network protocol; (CVE-2025-40025, CVE-2025-40026, CVE-2025-40027, CVE-2025-40028, CVE-2025-40108, CVE-2025-40109)

FEDORA-EPEL-2025-16257f5bba Packages in this update:

• chromium-143.0.7499.40-1.el10_2

Update description: Update to 143.0.7499.40 * High CVE-2025-13630: Type Confusion in V8 * High CVE-2025-13631: Inappropriate implementation in Google Updater * High CVE-2025-13632: Inappropriate implementation in DevTools * High CVE-2025-13633: Use after free in Digital Credentials * Medium CVE-2025-13634: Inappropriate implementation in Downloads * Medium CVE-2025-13720: Bad cast in Loader * Medium CVE-2025-13721: Race in v8 * Low CVE-2025-13635: Inappropriate implementation in Downloads * Low CVE-2025-13636: Inappropriate implementation in Split View * Low CVE-2025-13637: Inappropriate implementation in Downloads * Low CVE-2025-13638: Use after free in Media Stream * Low CVE-2025-13639: Inappropriate implementation in WebRTC * Low CVE-2025-13640: Inappropriate implementation in Passwords

FEDORA-2025-a41df7ce46 Packages in this update:

• chromium-143.0.7499.40-1.fc42

Update description: Update to 143.0.7499.40 * High CVE-2025-13630: Type Confusion in V8 * High CVE-2025-13631: Inappropriate implementation in Google Updater * High CVE-2025-13632: Inappropriate implementation in DevTools * High CVE-2025-13633: Use after free in Digital Credentials * Medium CVE-2025-13634: Inappropriate implementation in Downloads * Medium CVE-2025-13720: Bad cast in Loader * Medium CVE-2025-13721: Race in v8 * Low CVE-2025-13635: Inappropriate implementation in Downloads * Low CVE-2025-13636: Inappropriate implementation in Split View * Low CVE-2025-13637: Inappropriate implementation in Downloads * Low CVE-2025-13638: Use after free in Media Stream * Low CVE-2025-13639: Inappropriate implementation in WebRTC * Low CVE-2025-13640: Inappropriate implementation in Passwords

FEDORA-EPEL-2025-a6a7b21687 Packages in this update:

• chromium-143.0.7499.40-1.el9

Update description: Update to 143.0.7499.40 * High CVE-2025-13630: Type Confusion in V8 * High CVE-2025-13631: Inappropriate implementation in Google Updater * High CVE-2025-13632: Inappropriate implementation in DevTools * High CVE-2025-13633: Use after free in Digital Credentials * Medium CVE-2025-13634: Inappropriate implementation in Downloads * Medium CVE-2025-13720: Bad cast in Loader * Medium CVE-2025-13721: Race in v8 * Low CVE-2025-13635: Inappropriate implementation in Downloads * Low CVE-2025-13636: Inappropriate implementation in Split View * Low CVE-2025-13637: Inappropriate implementation in Downloads * Low CVE-2025-13638: Use after free in Media Stream * Low CVE-2025-13639: Inappropriate implementation in WebRTC * Low CVE-2025-13640: Inappropriate implementation in Passwords

FEDORA-2025-3c51a0ed51 Packages in this update:

• chromium-143.0.7499.40-1.fc43

Update description: Update to 143.0.7499.40 * High CVE-2025-13630: Type Confusion in V8 * High CVE-2025-13631: Inappropriate implementation in Google Updater * High CVE-2025-13632: Inappropriate implementation in DevTools * High CVE-2025-13633: Use after free in Digital Credentials * Medium CVE-2025-13634: Inappropriate implementation in Downloads * Medium CVE-2025-13720: Bad cast in Loader * Medium CVE-2025-13721: Race in v8 * Low CVE-2025-13635: Inappropriate implementation in Downloads * Low CVE-2025-13636: Inappropriate implementation in Split View * Low CVE-2025-13637: Inappropriate implementation in Downloads * Low CVE-2025-13638: Use after free in Media Stream * Low CVE-2025-13639: Inappropriate implementation in WebRTC * Low CVE-2025-13640: Inappropriate implementation in Passwords

Version:next-20251205 (linux-next) Released:2025-12-05

FEDORA-2025-ed228a4b71 Packages in this update:

• abrt-2.17.8-1.fc41

Update description:

Fix CVE-2025-12744

FEDORA-2025-64091db7e0 Packages in this update:

• abrt-2.17.8-1.fc42

Update description:

Fix CVE-2025-12744

FEDORA-EPEL-2025-7ff96bb97d Packages in this update:

• webkitgtk-2.50.2-2.el10_1

Update description:

Merge remote-tracking branch 'origin/f43' into epel10.1

FEDORA-2025-ae1276a1c6 Packages in this update:

• abrt-2.17.8-1.fc43

Update description:

Fix CVE-2025-12744

FEDORA-2025-ff963b3775 Packages in this update:

• apptainer-1.4.5-2.fc42

Update description:

Apply fuse2fs patches that were accidentally empty

Update to upstream 1.4.5, including a fix for CVE-2025-65105

FEDORA-EPEL-2025-44da2a402e Packages in this update:

• apptainer-1.4.5-2.el8

Update description:

Apply fuse2fs patches that were accidentally empty

Update to upstream 1.4.5, including a fix for CVE-2025-65105

FEDORA-EPEL-2025-473cf23bc7 Packages in this update:

• apptainer-1.4.5-2.el9

Update description:

Apply fuse2fs patches that were accidentally empty

Update to upstream 1.4.5, including a fix for CVE-2025-65105

FEDORA-EPEL-2025-8e02728fbe Packages in this update:

• apptainer-1.4.5-2.el10_1

Update description:

Apply fuse2fs patches that were accidentally empty

Update to upstream 1.4.5, including a fix for CVE-2025-65105

FEDORA-2025-cf169a01e8 Packages in this update:

• apptainer-1.4.5-2.fc43

Update description:

Apply fuse2fs patches that were accidentally empty

Update to upstream 1.4.5, including a fix for CVE-2025-65105

FEDORA-2025-df330356b2 Packages in this update:

• apptainer-1.4.5-2.fc41

Update description:

Apply fuse2fs patches that were accidentally empty

Update to upstream 1.4.5, including a fix for CVE-2025-65105

FEDORA-EPEL-2025-32198453b0 Packages in this update:

• apptainer-1.4.5-2.el10_2

Update description:

Apply fuse2fs patches that were accidentally empty

Update to upstream 1.4.5, including a fix for CVE-2025-65105