Aggregator

USN-7851-2: runC regression

1 week 1 day ago
USN-7851-1 fixed vulnerabilities in runC. The introduction of a new upstream release caused regressions in runc-app and runc-stable. This update fixes the problem.

Original advisory details:

Lei Wang and Li Fubang discovered that runC incorrectly handled masked paths. An attacker could possibly replace a container's /dev/null with a symlink to some other procfs file and possibly escape a container. (CVE-2025-31133)

Lei Wang and Li Fubang discovered that runC incorrectly handled the /dev/console bind-mounts. An attacker could potentially exploit this issue to bind-mount a symlink and escape a container. (CVE-2025-52565)

Li Fubang and Tõnis Tiigi discovered that the fix for CVE-2019-16884 was incomplete. An attacker could possibly use this issue to cause a denial of service or escape the container. (CVE-2025-52881)

tigervnc-1.15.0-10.fc43

1 week 1 day ago
FEDORA-2025-e0c935675d Packages in this update:
  • tigervnc-1.15.0-10.fc43
Update description:

Fix recent xorg-x11-server CVEs: Fixes: CVE-2025-62229 CVE-2025-62230 CVE-2025-62231

tigervnc-1.15.0-10.fc42

1 week 1 day ago
FEDORA-2025-f59b250c31 Packages in this update:
  • tigervnc-1.15.0-10.fc42
Update description:

Fix recent xorg-x11-server CVEs: Fixes: CVE-2025-62229 CVE-2025-62230 CVE-2025-62231

USN-7883-1: OpenJDK 17 vulnerabilities

1 week 1 day ago
Jinfeng Guo discovered that the Security component of OpenJDK 17 did not correctly handle certain representations of encoded strings. An unauthenticated remote attacker could possibly use this issue to modify files or leak sensitive information. (CVE-2025-53057)

Darius Bohni discovered that the JAXP component of OpenJDK 17 was vulnerable to an XML External Entity (XEE) attack. An unauthenticated remote attacker could possibly use this issue to modify files or leak sensitive information. (CVE-2025-53066)

In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://openjdk.org/groups/vulnerability/advisories/2025-10-21

USN-7882-1: OpenJDK 11 vulnerabilities

1 week 1 day ago
Jinfeng Guo discovered that the Security component of OpenJDK 11 did not correctly handle certain representations of encoded strings. An unauthenticated remote attacker could possibly use this issue to modify files or leak sensitive information. (CVE-2025-53057)

Darius Bohni discovered that the JAXP component of OpenJDK 11 was vulnerable to an XML External Entity (XEE) attack. An unauthenticated remote attacker could possibly use this issue to modify files or leak sensitive information. (CVE-2025-53066)

In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://openjdk.org/groups/vulnerability/advisories/2025-10-21

webkitgtk-2.50.2-1.fc42

1 week 1 day ago
FEDORA-2025-4fc934f283 Packages in this update:
  • webkitgtk-2.50.2-1.fc42
Update description:
  • Prevent unsafe URI schemes from participating in media playback.
  • Make jsc_value_array_buffer_get_data() function introspectable.
  • Fix logging in to Google accounts that have a WebAuthn second factor configured.
  • Fix loading webkit://gpu when there are no threads configured for GPU rendering.
  • Fix rendering gradients that use the CSS hue interpolation method.
  • Fix pasting image data from the clipboard.
  • Fix font-family selection when the font name contains spaces.
  • Fix capturing canvas snapshots in the Web Inspector.
  • Fix several crashes and rendering issues.
  • 2.50.2 CVE fixes: CVE-2023-43000, CVE-2025-43392, CVE-2025-43419, CVE-2025-43425, CVE-2025-43427, CVE-2025-43429, CVE-2025-43430, CVE-2025-43431, CVE-2025-43432, CVE-2025-43434, CVE-2025-43440, CVE-2025-43443, CVE-2025-43480
  • This Fedora update additionally fixes CVE-2025-43421 via a downstream patch

webkitgtk-2.50.2-1.fc43

1 week 1 day ago
FEDORA-2025-6f3e9e3af6 Packages in this update:
  • webkitgtk-2.50.2-1.fc43
Update description:
  • Prevent unsafe URI schemes from participating in media playback.
  • Make jsc_value_array_buffer_get_data() function introspectable.
  • Fix logging in to Google accounts that have a WebAuthn second factor configured.
  • Fix loading webkit://gpu when there are no threads configured for GPU rendering.
  • Fix rendering gradients that use the CSS hue interpolation method.
  • Fix pasting image data from the clipboard.
  • Fix font-family selection when the font name contains spaces.
  • Fix capturing canvas snapshots in the Web Inspector.
  • Fix several crashes and rendering issues.
  • 2.50.2 CVE fixes: CVE-2023-43000, CVE-2025-43392, CVE-2025-43419, CVE-2025-43425, CVE-2025-43427, CVE-2025-43429, CVE-2025-43430, CVE-2025-43431, CVE-2025-43432, CVE-2025-43434, CVE-2025-43440, CVE-2025-43443, CVE-2025-43480
  • This Fedora update additionally fixes CVE-2025-43421 via a downstream patch

gnutls-3.8.11-1.fc42

1 week 2 days ago
FEDORA-2025-b346087f6b Packages in this update:
  • gnutls-3.8.11-1.fc42
Update description:

Update to the 3.8.11 release with a fix for CVE-2025-9820 and several enhancements.