Aggregator

Version:next-20250123 (linux-next) Released:2025-01-23

FEDORA-2025-d243e027e4 Packages in this update:

• buildah-1.38.1-1.fc40
• containers-common-0.61.1-1.fc40
• podman-5.3.2-1.fc40

Update description:

Security fix for CVE-2024-11218 - fixed in buildah 1.38.1

Automatic update for containers-common-0.61.1-1.fc40, podman-5.3.2-1.fc40, buildah-1.38.1-1.fc40.

Changelog for containers-common * Thu Jan 16 2025 Packit <hello@packit.dev> - 5:0.61.1-1 - Update to 0.61.1 upstream release Changelog for podman * Wed Jan 22 2025 Packit <hello@packit.dev> - 5:5.3.2-1 - Update to 5.3.2 upstream release * Wed Jan 22 2025 Lokesh Mandvekar <lsm5@fedoraproject.org> - 5:5.3.1-4 - remove patch merged in upcoming upstream release * Fri Jan 17 2025 Mikhail Gavrilov <mikhail.v.gavrilov@gmail.com> - 5:5.3.1-3 - apply MR https://github.com/containers/storage/pull/2193 * Wed Nov 27 2024 Lokesh Mandvekar <lsm5@fedoraproject.org> - 5:5.3.1-2 - remove unused patch Changelog for buildah * Tue Jan 21 2025 Packit <hello@packit.dev> - 2:1.38.1-1 - Update to 1.38.1 upstream release

apply MR https://github.com/containers/storage/pull/2193

FEDORA-2025-908dfe95f6 Packages in this update:

• buildah-1.38.1-1.fc41
• containers-common-0.61.1-1.fc41
• podman-5.3.2-1.fc41

Update description:

Security fix for CVE-2024-11218 - fixed in buildah 1.38.1

Automatic update for buildah-1.38.1-1.fc41, containers-common-0.61.1-1.fc41, podman-5.3.2-1.fc41.

Changelog for buildah * Tue Jan 21 2025 Packit <hello@packit.dev> - 2:1.38.1-1 - Update to 1.38.1 upstream release Changelog for containers-common * Thu Jan 16 2025 Packit <hello@packit.dev> - 5:0.61.1-1 - Update to 0.61.1 upstream release Changelog for podman * Wed Jan 22 2025 Packit <hello@packit.dev> - 5:5.3.2-1 - Update to 5.3.2 upstream release * Wed Jan 22 2025 Lokesh Mandvekar <lsm5@fedoraproject.org> - 5:5.3.1-4 - remove patch merged in upcoming upstream release * Fri Jan 17 2025 Mikhail Gavrilov <mikhail.v.gavrilov@gmail.com> - 5:5.3.1-3 - apply MR https://github.com/containers/storage/pull/2193 * Wed Nov 27 2024 Lokesh Mandvekar <lsm5@fedoraproject.org> - 5:5.3.1-2 - remove unused patch

apply MR https://github.com/containers/storage/pull/2193

FEDORA-EPEL-2025-eb0d031bce Packages in this update:

• lemonldap-ng-2.20.2-1.el8

Update description:

• [Security][CVE-2024-52948] CSRF on 2FA registration
• [Security] Open redirect vulnerability in logout

FEDORA-2025-3aa9a75a72 Packages in this update:

• lemonldap-ng-2.20.2-1.fc41

Update description:

• [Security][CVE-2024-52948] CSRF on 2FA registration
• [Security] Open redirect vulnerability in logout

FEDORA-EPEL-2025-dd34d33955 Packages in this update:

• lemonldap-ng-2.20.2-1.el9

Update description:

• [Security][CVE-2024-52948] CSRF on 2FA registration
• [Security] Open redirect vulnerability in logout

FEDORA-2025-07901b1995 Packages in this update:

• lemonldap-ng-2.20.2-1.fc40

Update description:

• [Security][CVE-2024-52948] CSRF on 2FA registration
• [Security] Open redirect vulnerability in logout

FEDORA-EPEL-2025-70d131bc6c Packages in this update:

• phpMyAdmin-5.2.2-1.el9

Update description:

phpMyAdmin 5.2.2 is released

Welcome to the release of phpMyAdmin version 5.2.2, the "I should have released this sooner" release. This is primarily a bugfix release but also contains a few security fixes as noted below.

• fix possible security issue in sql-parser which could cause long execution times that could create a DOS attack (thanks to Maximilian Krög)
• fix an XSS vulnerability in the check tables feature (PMASA-2025-1, thanks to bluebird)
• fix an XSS vulnerability in the Insert tab (PMASA-2025-2, thanks to frequent contributor Kamil Tekiela)
• fix possible security issue with library code slim/psr7 (CVE-2023-30536)
• fix possible security issue relating to iconv (CVE-2024-2961, PMASA-2025-3)
• fix a full path disclosure in the Monitoring tab
• issue #18268 Fix UI issue the theme manager is disabled
• issue Allow opening server breadcrumb links in new tab with Ctrl/Meta key
• issue #19141 Add cookie prefix '-__Secure-' to cookies to help prevent cookie smuggling
• issue #18106 Fix renaming database with a view
• issue #18120 Fix bug with numerical tables during renaming database
• issue #16851 Fix ($cfg['Order']) default column order doesn't have have any effect since phpMyAdmin 4.2.0
• issue #18258 Speed improvements when exporting a database
• issue #18769 Improved collations support for MariaDB 10.10

There are many, many more fixes that you can see in the ChangeLog file included with this release or online

FEDORA-2025-c17ef0f176 Packages in this update:

• phpMyAdmin-5.2.2-1.fc40

Update description:

phpMyAdmin 5.2.2 is released

Welcome to the release of phpMyAdmin version 5.2.2, the "I should have released this sooner" release. This is primarily a bugfix release but also contains a few security fixes as noted below.

• fix possible security issue in sql-parser which could cause long execution times that could create a DOS attack (thanks to Maximilian Krög)
• fix an XSS vulnerability in the check tables feature (PMASA-2025-1, thanks to bluebird)
• fix an XSS vulnerability in the Insert tab (PMASA-2025-2, thanks to frequent contributor Kamil Tekiela)
• fix possible security issue with library code slim/psr7 (CVE-2023-30536)
• fix possible security issue relating to iconv (CVE-2024-2961, PMASA-2025-3)
• fix a full path disclosure in the Monitoring tab
• issue #18268 Fix UI issue the theme manager is disabled
• issue Allow opening server breadcrumb links in new tab with Ctrl/Meta key
• issue #19141 Add cookie prefix '-__Secure-' to cookies to help prevent cookie smuggling
• issue #18106 Fix renaming database with a view
• issue #18120 Fix bug with numerical tables during renaming database
• issue #16851 Fix ($cfg['Order']) default column order doesn't have have any effect since phpMyAdmin 4.2.0
• issue #18258 Speed improvements when exporting a database
• issue #18769 Improved collations support for MariaDB 10.10

There are many, many more fixes that you can see in the ChangeLog file included with this release or online

FEDORA-EPEL-2025-8683822bf7 Packages in this update:

• phpMyAdmin-5.2.2-1.el10_0

Update description:

phpMyAdmin 5.2.2 is released

Welcome to the release of phpMyAdmin version 5.2.2, the "I should have released this sooner" release. This is primarily a bugfix release but also contains a few security fixes as noted below.

• fix possible security issue in sql-parser which could cause long execution times that could create a DOS attack (thanks to Maximilian Krög)
• fix an XSS vulnerability in the check tables feature (PMASA-2025-1, thanks to bluebird)
• fix an XSS vulnerability in the Insert tab (PMASA-2025-2, thanks to frequent contributor Kamil Tekiela)
• fix possible security issue with library code slim/psr7 (CVE-2023-30536)
• fix possible security issue relating to iconv (CVE-2024-2961, PMASA-2025-3)
• fix a full path disclosure in the Monitoring tab
• issue #18268 Fix UI issue the theme manager is disabled
• issue Allow opening server breadcrumb links in new tab with Ctrl/Meta key
• issue #19141 Add cookie prefix '-__Secure-' to cookies to help prevent cookie smuggling
• issue #18106 Fix renaming database with a view
• issue #18120 Fix bug with numerical tables during renaming database
• issue #16851 Fix ($cfg['Order']) default column order doesn't have have any effect since phpMyAdmin 4.2.0
• issue #18258 Speed improvements when exporting a database
• issue #18769 Improved collations support for MariaDB 10.10

There are many, many more fixes that you can see in the ChangeLog file included with this release or online

FEDORA-2025-4b8ab3834c Packages in this update:

• phpMyAdmin-5.2.2-1.fc41

Update description:

phpMyAdmin 5.2.2 is released

Welcome to the release of phpMyAdmin version 5.2.2, the "I should have released this sooner" release. This is primarily a bugfix release but also contains a few security fixes as noted below.

• fix possible security issue in sql-parser which could cause long execution times that could create a DOS attack (thanks to Maximilian Krög)
• fix an XSS vulnerability in the check tables feature (PMASA-2025-1, thanks to bluebird)
• fix an XSS vulnerability in the Insert tab (PMASA-2025-2, thanks to frequent contributor Kamil Tekiela)
• fix possible security issue with library code slim/psr7 (CVE-2023-30536)
• fix possible security issue relating to iconv (CVE-2024-2961, PMASA-2025-3)
• fix a full path disclosure in the Monitoring tab
• issue #18268 Fix UI issue the theme manager is disabled
• issue Allow opening server breadcrumb links in new tab with Ctrl/Meta key
• issue #19141 Add cookie prefix '-__Secure-' to cookies to help prevent cookie smuggling
• issue #18106 Fix renaming database with a view
• issue #18120 Fix bug with numerical tables during renaming database
• issue #16851 Fix ($cfg['Order']) default column order doesn't have have any effect since phpMyAdmin 4.2.0
• issue #18258 Speed improvements when exporting a database
• issue #18769 Improved collations support for MariaDB 10.10

There are many, many more fixes that you can see in the ChangeLog file included with this release or online

Version:next-20250122 (linux-next) Released:2025-01-22

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystem: - Bluetooth drivers; (CVE-2024-53238, CVE-2024-56757)

FEDORA-2025-4cb7637c98 Packages in this update:

• vaultwarden-1.32.7-4.fc41

Update description:

fix VW_VERSION in compiled code, patch security issues

update to 1.32.7

FEDORA-2025-3dff292265 Packages in this update:

• vaultwarden-1.32.7-4.fc40

Update description:

fix VW_VERSION in compiled code, patch security issues

FEDORA-EPEL-2025-cd95859e4b Packages in this update:

• vaultwarden-1.32.7-4.el9

Update description:

fix VW_VERSION in compiled code, patch security issues

Update to 1.32.7

Fix CVE-2024-56335 Fix CVE-2024-55226 Fix CVE-2024-55225 Fix CVE-2024-55224

It was discovered that Vim incorrectly handled memory when closing buffers with the visual mode active. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code.

Version:6.6.73 (longterm) Released:2025-01-21 Source:linux-6.6.73.tar.xz PGP Signature:linux-6.6.73.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-6.6.73

FEDORA-2025-70a32aa438 Packages in this update:

• golang-1.23.5-1.fc41

Update description:

Includes security fixes to the crypto/x509 and net/http packages

FEDORA-2025-e8b9a6b564 Packages in this update:

• golang-1.22.11-1.fc40

Update description:

Includes security fixes to the crypto/x509 and net/http packages