nodejs22-22.15.0-2.fc40
FEDORA-2025-3eb5235527
Packages in this update:
- nodejs22-22.15.0-2.fc40
Update to version 22.15.0
Aggregator
chromium-136.0.7103.59-1.fc40
FEDORA-2025-b1804b97fc
Packages in this update:
- chromium-136.0.7103.59-1.fc40
Update to 136.0.7103.59
- CVE-2025-4096: Heap buffer overflow in HTML
- CVE-2025-4050: Out of bounds memory access in DevTools
- CVE-2025-4051: Insufficient data validation in DevTools
- CVE-2025-4052: Inappropriate implementation in DevTools
6.14.5: stable
Version:6.14.5 (stable)
Released:2025-05-02
Source:linux-6.14.5.tar.xz
PGP Signature:linux-6.14.5.tar.sign
Patch:full (incremental)
ChangeLog:ChangeLog-6.14.5
6.12.26: longterm
Version:6.12.26 (longterm)
Released:2025-05-02
Source:linux-6.12.26.tar.xz
PGP Signature:linux-6.12.26.tar.sign
Patch:full (incremental)
ChangeLog:ChangeLog-6.12.26
6.6.89: longterm
Version:6.6.89 (longterm)
Released:2025-05-02
Source:linux-6.6.89.tar.xz
PGP Signature:linux-6.6.89.tar.sign
Patch:full (incremental)
ChangeLog:ChangeLog-6.6.89
6.1.136: longterm
Version:6.1.136 (longterm)
Released:2025-05-02
Source:linux-6.1.136.tar.xz
PGP Signature:linux-6.1.136.tar.sign
Patch:full (incremental)
ChangeLog:ChangeLog-6.1.136
5.15.181: longterm
Version:5.15.181 (longterm)
Released:2025-05-02
Source:linux-5.15.181.tar.xz
PGP Signature:linux-5.15.181.tar.sign
Patch:full (incremental)
ChangeLog:ChangeLog-5.15.181
5.10.237: longterm
Version:5.10.237 (longterm)
Released:2025-05-02
Source:linux-5.10.237.tar.xz
PGP Signature:linux-5.10.237.tar.sign
Patch:full (incremental)
ChangeLog:ChangeLog-5.10.237
5.4.293: longterm
Version:5.4.293 (longterm)
Released:2025-05-02
Source:linux-5.4.293.tar.xz
PGP Signature:linux-5.4.293.tar.sign
Patch:full (incremental)
ChangeLog:ChangeLog-5.4.293
python-h11-0.13.0-2.el8
FEDORA-EPEL-2025-25fef5a8e3
Packages in this update:
- python-h11-0.13.0-2.el8
Backport upstream fix for CVE-2025-43859
python-h11-0.13.0-2.el9
FEDORA-EPEL-2025-9fdf7908ff
Packages in this update:
- python-h11-0.13.0-2.el9
Backport upstream fix for CVE-2025-43859
python-h11-0.14.0-7.fc40
FEDORA-2025-bd59b39ab6
Packages in this update:
- python-h11-0.14.0-7.fc40
Backport upstream fix for CVE-2025-43859
python-h11-0.14.0-7.fc41
FEDORA-2025-2fd25cfb83
Packages in this update:
- python-h11-0.14.0-7.fc41
Backport upstream fix for CVE-2025-43859
python-h11-0.14.0-7.fc42
FEDORA-2025-d1fffcc084
Packages in this update:
- python-h11-0.14.0-7.fc42
Backport upstream fix for CVE-2025-43859
python-h11-0.16.0-1.fc43 python-httpcore-1.0.9-1.fc43
FEDORA-2025-5d6c60c63a
Packages in this update:
- python-h11-0.16.0-1.fc43
- python-httpcore-1.0.9-1.fc43
Update python-h11 to version 0.16.0 to resolve CVE-2025-43859. This also requires updating python-httpcore to version 1.0.9 to raise it's upper dependency bound on h11.
chromium-136.0.7103.59-1.el10_1
FEDORA-EPEL-2025-235af2fbd7
Packages in this update:
- chromium-136.0.7103.59-1.el10_1
Update to 136.0.7103.59
* CVE-2025-4096: Heap buffer overflow in HTML * CVE-2025-4050: Out of bounds memory access in DevTools * CVE-2025-4051: Insufficient data validation in DevTools * CVE-2025-4052: Inappropriate implementation in DevToolschromium-136.0.7103.59-1.fc41
FEDORA-2025-8fbc37e703
Packages in this update:
- chromium-136.0.7103.59-1.fc41
Update to 136.0.7103.59
* CVE-2025-4096: Heap buffer overflow in HTML * CVE-2025-4050: Out of bounds memory access in DevTools * CVE-2025-4051: Insufficient data validation in DevTools * CVE-2025-4052: Inappropriate implementation in DevToolschromium-136.0.7103.59-1.el9
FEDORA-EPEL-2025-675ec15a85
Packages in this update:
- chromium-136.0.7103.59-1.el9
Update to 136.0.7103.59
* CVE-2025-4096: Heap buffer overflow in HTML * CVE-2025-4050: Out of bounds memory access in DevTools * CVE-2025-4051: Insufficient data validation in DevTools * CVE-2025-4052: Inappropriate implementation in DevToolschromium-136.0.7103.59-1.fc42
FEDORA-2025-eab322e215
Packages in this update:
- chromium-136.0.7103.59-1.fc42
Update to 136.0.7103.59
* CVE-2025-4096: Heap buffer overflow in HTML * CVE-2025-4050: Out of bounds memory access in DevTools * CVE-2025-4051: Insufficient data validation in DevTools * CVE-2025-4052: Inappropriate implementation in DevToolsUSN-7474-1: Docker vulnerabilities
Cory Snider discovered that Docker incorrectly handled networking packet
encapsulation. An attacker could use this issue to inject internet
packets in established connection, possibly causing a denial of service or
bypassing firewall protections. This issue only affected Ubuntu 22.04 LTS,
Ubuntu 20.04 LTS, and Ubuntu 18.04 LTS. (CVE-2023-28840, CVE-2023-28841,
CVE-2023-28842)
Rory McNamara discovered that Docker incorrectly handled cache in the
BuildKit toolkit. An attacker could possibly use this issue to expose
sensitive information. (CVE-2024-23651)
It was discovered that Docker incorrectly handled parallel operations in
some circumstances, which could possibly lead to undefined behavior.
(CVE-2024-36621, CVE-2024-36623)
Rory McNamara discovered that Docker incorrectly verified file paths during
a certain command in the BuildKit toolkit. An attacker could possibly use
this issue to delete arbitrary files from the system. (CVE-2024-23652)