Aggregator

FEDORA-EPEL-2025-b92d1d4371 Packages in this update:

• chromium-137.0.7151.55-1.el10_1

Update description:

Update to 137.0.7151.55

• CVE-2025-5063: Use after free in Compositing
• CVE-2025-5280: Out of bounds write in V8
• CVE-2025-5064: Inappropriate implementation in Background Fetch API
• CVE-2025-5065: Inappropriate implementation in FileSystemAccess API
• CVE-2025-5066: Inappropriate implementation in Messages
• CVE-2025-5281: Inappropriate implementation in BFCache
• CVE-2025-5283: Use after free in libvpx
• CVE-2025-5067: Inappropriate implementation in Tab Strip

FEDORA-2025-680072bb22 Packages in this update:

• chromium-137.0.7151.55-1.fc41

Update description:

Update to 137.0.7151.55

• CVE-2025-5063: Use after free in Compositing
• CVE-2025-5280: Out of bounds write in V8
• CVE-2025-5064: Inappropriate implementation in Background Fetch API
• CVE-2025-5065: Inappropriate implementation in FileSystemAccess API
• CVE-2025-5066: Inappropriate implementation in Messages
• CVE-2025-5281: Inappropriate implementation in BFCache
• CVE-2025-5283: Use after free in libvpx
• CVE-2025-5067: Inappropriate implementation in Tab Strip

FEDORA-2025-a11b58986f Packages in this update:

• moby-engine-28.2.2-1.fc43

Update description:

Automatic update for moby-engine-28.2.2-1.fc43.

Changelog * Fri May 30 2025 Bradley G Smith <bradley.g.smith@gmail.com> - 28.2.2-1 - Update to release v28.2.2 - Resolves: rhbz # 2369024 - Upstream regression fixes * Fri May 30 2025 Bradley G Smith <bradley.g.smith@gmail.com> - 28.2.1-1 - Update to release v28.2.1 - Resolves: rhbz#2369024, rhbz#2354429, rhbz#2353100 - V28.2.1 contains regression fix - V28.2.0 has new features and fixes - Reconcile all branches for possible packit integration * Tue Apr 22 2025 Bradley G Smith <bradley.g.smith@gmail.com> - 28.1.1-2 - Build with go1.24.2-2

FEDORA-EPEL-2025-e655c1f968 Packages in this update:

• fcgi-2.4.0-52.el8

Update description:

Fix CVE-2025-23016

FEDORA-EPEL-2025-70ce865582 Packages in this update:

• fcgi-2.4.0-52.el9

Update description:

Fix CVE-2025-23016

FEDORA-EPEL-2025-9c3b16e06c Packages in this update:

• fcgi-2.4.0-52.el10_1

Update description:

Fix CVE-2025-23016

FEDORA-2025-bf22da3848 Packages in this update:

• fcgi-2.4.0-52.fc41

Update description:

Fix CVE-2025-23016

FEDORA-2025-e5cc4338e7 Packages in this update:

• fcgi-2.4.0-52.fc42

Update description:

Fix CVE-2025-23016

FEDORA-2025-802ec573e7 Packages in this update:

• mingw-gstreamer1-plugins-bad-free-1.24.10-3.fc41

Update description:

Backport fix for CVE-2025-3887.

FEDORA-2025-96b62e4c87 Packages in this update:

• mingw-gstreamer1-plugins-bad-free-1.25.1-3.fc42

Update description:

Backport fix for CVE-2025-3887.

FEDORA-2025-c04e5b95f1 Packages in this update:

• mingw-libsoup-2.74.3-12.fc42

Update description:

Backport fixes for CVE-2025-4476, CVE-2025-4948, CVE-2025-4969, CVE-2025-46420, CVE-2025-46421, CVE-2025-4945

FEDORA-2025-3b89fef0f9 Packages in this update:

• mingw-libsoup-2.74.3-12.fc41

Update description:

Backport fixes for CVE-2025-4476, CVE-2025-4948, CVE-2025-4969, CVE-2025-46420, CVE-2025-46421, CVE-2025-4945

Version:next-20250530 (linux-next) Released:2025-05-30

FEDORA-2025-ba86bed822 Packages in this update:

• systemd-256.15-1.fc41

Update description:

• Fix for local information disclosure in systemd-coredump (CVE-2025-4598)
• Various other fixes

FEDORA-2025-99055e8fe5 Packages in this update:

• systemd-257.6-1.fc42

Update description:

• Fix for local information disclosure in systemd-coredump (CVE-2025-4598)
• Fixes for systemd itself, run0, systemd-networkd, "secure" pager, man pages, shell completions, sd-boot, sd-varlink
• Hardware database update

FEDORA-2025-34badbe9b9 Packages in this update:

• firefox-139.0-1.fc42

Update description:

• New upstream version (139.0)

FEDORA-EPEL-2025-ccb0435da4 Packages in this update:

• libxmp-4.6.3-2.el8

Update description:

Latest upstream stable release. Backwards ABI and API compatible. Resolves CVE-2025-47256 .

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - Block layer subsystem; - Drivers core; - Network block device driver; - Character device driver; - GPU drivers; - HID subsystem; - InfiniBand drivers; - Media drivers; - Network drivers; - PPS (Pulse Per Second) driver; - PTP clock framework; - RapidIO drivers; - Real Time Clock drivers; - SCSI subsystem; - SLIMbus drivers; - QCOM SoC drivers; - Trusted Execution Environment drivers; - USB DSL drivers; - USB Device Class drivers; - USB core drivers; - USB Gadget drivers; - USB Host Controller drivers; - Renesas USBHS Controller drivers; - File systems infrastructure; - BTRFS file system; - NILFS2 file system; - UBI file system; - KVM subsystem; - L3 Master device support module; - Process Accounting mechanism; - printk logging mechanism; - Scheduler infrastructure; - Tracing infrastructure; - Memory management; - 802.1Q VLAN protocol; - B.A.T.M.A.N. meshing protocol; - Bluetooth subsystem; - Networking core; - IPv4 networking; - IPv6 networking; - Logical Link layer; - NFC subsystem; - Open vSwitch; - Rose network layer; - Network traffic control; - Wireless networking; - Tomoyo security module; (CVE-2025-21835, CVE-2025-21760, CVE-2025-21914, CVE-2025-21744, CVE-2024-57977, CVE-2024-58001, CVE-2025-21848, CVE-2024-57981, CVE-2024-58055, CVE-2025-21721, CVE-2025-21925, CVE-2025-21764, CVE-2025-21909, CVE-2024-26996, CVE-2024-56599, CVE-2025-21728, CVE-2025-21782, CVE-2025-21866, CVE-2024-58069, CVE-2025-21859, CVE-2024-58007, CVE-2024-58009, CVE-2025-21904, CVE-2024-58085, CVE-2025-21920, CVE-2024-58058, CVE-2025-21811, CVE-2025-21922, CVE-2025-21948, CVE-2024-58090, CVE-2024-57980, CVE-2025-21823, CVE-2024-58052, CVE-2025-21736, CVE-2025-21917, CVE-2021-47191, CVE-2024-58051, CVE-2024-58017, CVE-2025-21846, CVE-2025-21862, CVE-2025-21722, CVE-2024-57986, CVE-2025-21871, CVE-2025-21865, CVE-2023-52741, CVE-2025-21971, CVE-2025-21718, CVE-2025-21814, CVE-2025-21704, CVE-2025-21934, CVE-2025-21781, CVE-2025-21791, CVE-2025-21708, CVE-2025-21935, CVE-2025-21761, CVE-2025-21719, CVE-2025-21763, CVE-2025-21772, CVE-2025-21905, CVE-2025-21731, CVE-2024-58002, CVE-2024-58083, CVE-2025-21858, CVE-2025-21776, CVE-2025-21762, CVE-2025-21928, CVE-2025-21877, CVE-2025-21910, CVE-2024-58010, CVE-2025-21735, CVE-2024-50055, CVE-2025-21785, CVE-2024-57973, CVE-2025-21806, CVE-2025-21749, CVE-2024-58063, CVE-2024-57979, CVE-2025-21753, CVE-2024-26982, CVE-2025-21647, CVE-2025-21898, CVE-2024-58020, CVE-2024-58071, CVE-2025-21926, CVE-2025-21715, CVE-2025-21765, CVE-2025-21787, CVE-2025-21916, CVE-2024-58014, CVE-2024-58072)

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Network block device driver; - Bus devices; - Character device driver; - TPM device driver; - Clock framework and drivers; - GPIO subsystem; - GPU drivers; - HID subsystem; - I2C subsystem; - InfiniBand drivers; - Media drivers; - NVIDIA Tegra memory controller driver; - Network drivers; - PCI subsystem; - PPS (Pulse Per Second) driver; - PTP clock framework; - RapidIO drivers; - Real Time Clock drivers; - SLIMbus drivers; - QCOM SoC drivers; - Trusted Execution Environment drivers; - TTY drivers; - USB DSL drivers; - USB Device Class drivers; - USB core drivers; - USB Gadget drivers; - USB Host Controller drivers; - Renesas USBHS Controller drivers; - ACRN Hypervisor Service Module driver; - File systems infrastructure; - BTRFS file system; - F2FS file system; - Network file system (NFS) server daemon; - NILFS2 file system; - Overlay file system; - SMB network file system; - UBI file system; - KVM subsystem; - L3 Master device support module; - Process Accounting mechanism; - Padata parallel execution mechanism; - printk logging mechanism; - Scheduler infrastructure; - Timer subsystem; - Tracing infrastructure; - Memory management; - 802.1Q VLAN protocol; - B.A.T.M.A.N. meshing protocol; - Networking core; - IPv4 networking; - IPv6 networking; - Logical Link layer; - Multipath TCP; - Netfilter; - NFC subsystem; - Open vSwitch; - Rose network layer; - Network traffic control; - Wireless networking; - Landlock security; - Linux Security Modules (LSM) Framework; - Tomoyo security module; (CVE-2025-21804, CVE-2025-21779, CVE-2025-21878, CVE-2025-21735, CVE-2024-57977, CVE-2025-21951, CVE-2025-21704, CVE-2025-21859, CVE-2025-21760, CVE-2025-21862, CVE-2024-57834, CVE-2025-21745, CVE-2025-21762, CVE-2024-58005, CVE-2025-21846, CVE-2025-21914, CVE-2025-21736, CVE-2025-21928, CVE-2024-57986, CVE-2025-21761, CVE-2024-58086, CVE-2025-21731, CVE-2025-21766, CVE-2025-21844, CVE-2024-58072, CVE-2024-58069, CVE-2025-21924, CVE-2025-21848, CVE-2025-21950, CVE-2025-21934, CVE-2025-21647, CVE-2024-58076, CVE-2025-21726, CVE-2025-21791, CVE-2025-21722, CVE-2025-21971, CVE-2025-21719, CVE-2025-21904, CVE-2025-21875, CVE-2025-21877, CVE-2025-21758, CVE-2024-58001, CVE-2024-58007, CVE-2024-58010, CVE-2025-21787, CVE-2025-21905, CVE-2024-58055, CVE-2025-21782, CVE-2024-58090, CVE-2025-21910, CVE-2025-21708, CVE-2025-21826, CVE-2024-57980, CVE-2024-58051, CVE-2024-56721, CVE-2025-21909, CVE-2025-21802, CVE-2025-21744, CVE-2024-58058, CVE-2025-21728, CVE-2024-47726, CVE-2024-58079, CVE-2024-58002, CVE-2024-58014, CVE-2025-21898, CVE-2025-21811, CVE-2024-57979, CVE-2025-21865, CVE-2025-21748, CVE-2025-21749, CVE-2025-21920, CVE-2025-21763, CVE-2025-21764, CVE-2025-21887, CVE-2025-21858, CVE-2024-58034, CVE-2025-21820, CVE-2024-57978, CVE-2025-21866, CVE-2025-21922, CVE-2025-21926, CVE-2025-21753, CVE-2024-58052, CVE-2025-21684, CVE-2025-21823, CVE-2024-58016, CVE-2025-21835, CVE-2025-21925, CVE-2025-21707, CVE-2025-21785, CVE-2025-21795, CVE-2025-21718, CVE-2025-21935, CVE-2025-21765, CVE-2025-21715, CVE-2025-21916, CVE-2025-21727, CVE-2025-21912, CVE-2024-58071, CVE-2024-58083, CVE-2025-21948, CVE-2024-56599, CVE-2025-21721, CVE-2024-58063, CVE-2025-21806, CVE-2025-21772, CVE-2025-21776, CVE-2025-21830, CVE-2025-21917, CVE-2024-58020, CVE-2025-21871, CVE-2025-21796, CVE-2025-21711, CVE-2024-58017, CVE-2024-58085, CVE-2024-57981, CVE-2024-57973, CVE-2025-21919, CVE-2025-21814, CVE-2024-26982, CVE-2025-21781, CVE-2025-21943, CVE-2025-21799, CVE-2025-21767)