wireshark-4.2.9-1.fc40
FEDORA-2024-0b563ad294
Packages in this update:
- wireshark-4.2.9-1.fc40
New version 4.2.9
Fedora Security Advisories
wireshark-4.4.2-1.fc41
FEDORA-2024-f9f740bc60
Packages in this update:
- wireshark-4.4.2-1.fc41
New version 4.4.2
rust-rustls-0.23.17-1.el9 rust-zlib-rs-0.4.0-1.el9
FEDORA-EPEL-2024-3672733748
Packages in this update:
- rust-rustls-0.23.17-1.el9
- rust-zlib-rs-0.4.0-1.el9
- Update the rustls crate to version 0.23.17.
- Update the zlib-rs crate to version 0.4.0.
The update to zlib-rs v0.4.0 also addresses CVE-2024-11249 (stack overflow during decompression with malicious input). This issue had no actual impact in Fedora, because no applications yet use the the zlib-rs feature of rustls and rustls is the only dependent package of zlib-rs.
rust-rustls-0.23.17-1.el10_0 rust-zlib-rs-0.4.0-1.el10_0
FEDORA-EPEL-2024-21e104619e
Packages in this update:
- rust-rustls-0.23.17-1.el10_0
- rust-zlib-rs-0.4.0-1.el10_0
- Update the rustls crate to version 0.23.17.
- Update the zlib-rs crate to version 0.4.0.
The update to zlib-rs v0.4.0 also addresses CVE-2024-11249 (stack overflow during decompression with malicious input). This issue had no actual impact in Fedora, because no applications yet use the the zlib-rs feature of rustls and rustls is the only dependent package of zlib-rs.
rust-rustls-0.23.17-1.fc40 rust-zlib-rs-0.4.0-1.fc40
FEDORA-2024-632b468c59
Packages in this update:
- rust-rustls-0.23.17-1.fc40
- rust-zlib-rs-0.4.0-1.fc40
- Update the rustls crate to version 0.23.17.
- Update the zlib-rs crate to version 0.4.0.
The update to zlib-rs v0.4.0 also addresses CVE-2024-11249 (stack overflow during decompression with malicious input). This issue had no actual impact in Fedora, because no applications yet use the the zlib-rs feature of rustls and rustls is the only dependent package of zlib-rs.
rust-rustls-0.23.17-1.fc41 rust-zlib-rs-0.4.0-1.fc41
FEDORA-2024-41e6e2fc74
Packages in this update:
- rust-rustls-0.23.17-1.fc41
- rust-zlib-rs-0.4.0-1.fc41
- Update the rustls crate to version 0.23.17.
- Update the zlib-rs crate to version 0.4.0.
The update to zlib-rs v0.4.0 also addresses CVE-2024-11249 (stack overflow during decompression with malicious input). This issue had no actual impact in Fedora, because no applications yet use the the zlib-rs feature of rustls and rustls is the only dependent package of zlib-rs.
rust-rustls-0.23.17-1.fc42 rust-zlib-rs-0.4.0-1.fc42
FEDORA-2024-6bcc5bbd5f
Packages in this update:
- rust-rustls-0.23.17-1.fc42
- rust-zlib-rs-0.4.0-1.fc42
- Update the rustls crate to version 0.23.17.
- Update the zlib-rs crate to version 0.4.0.
The update to zlib-rs v0.4.0 also addresses CVE-2024-11249 (stack overflow during decompression with malicious input). This issue had no actual impact in Fedora, because no applications yet use the the zlib-rs feature of rustls and rustls is the only dependent package of zlib-rs.
perl-Module-ScanDeps-1.37-1.fc40
FEDORA-2024-8adf4a4b24
Packages in this update:
- perl-Module-ScanDeps-1.37-1.fc40
1.37 - fix parsing of "use if ..." Fixes errors in PAR::Packer test t/90-rt59710.t - add test for _parse_libs()
1.36 - Fix CVE-2024-10224: Unsanitized input leads to LPE - use three-argument open() - replace 'eval "..."' constructs Note: this version was not released on CPAN because of Coordinated Release Date for CVE - README: add "Source Repository" and "Contact" info switch "Please submit bug reports to ..." to GitHub issues - add preload rule for MooX::HandlesVia cf. https://github.com/rschupp/PAR-Packer/issues/88
perl-Module-ScanDeps-1.37-1.fc41
FEDORA-2024-c05ef21f1f
Packages in this update:
- perl-Module-ScanDeps-1.37-1.fc41
1.37 - fix parsing of "use if ..." Fixes errors in PAR::Packer test t/90-rt59710.t - add test for _parse_libs() 1.36 - Fix CVE-2024-10224: Unsanitized input leads to LPE - use three-argument open() - replace 'eval "..."' constructs Note: this version was not released on CPAN because of Coordinated Release Date for CVE - README: add "Source Repository" and "Contact" info switch "Please submit bug reports to ..." to GitHub issues - add preload rule for MooX::HandlesVia cf. https://github.com/rschupp/PAR-Packer/issues/88
php-8.3.14-1.fc41
FEDORA-2024-3891a08c9e
Packages in this update:
- php-8.3.14-1.fc41
PHP version 8.3.14 (21 Nov 2024)
CLI:
- Fixed bug GH-16373 (Shebang is not skipped for router script in cli-server started through shebang). (ilutov)
- Fixed bug GHSA-4w77-75f9-2c8w (Heap-Use-After-Free in sapi_read_post_data Processing in CLI SAPI Interface). (nielsdos)
COM:
- Fixed out of bound writes to SafeArray data. (cmb)
Core:
- Fixed bug GH-16168 (php 8.1 and earlier crash immediately when compiled with Xcode 16 clang on macOS 15). (nielsdos)
- Fixed bug GH-16371 (Assertion failure in Zend/zend_weakrefs.c:646). (Arnaud)
- Fixed bug GH-16515 (Incorrect propagation of ZEND_ACC_RETURN_REFERENCE for call trampoline). (ilutov)
- Fixed bug GH-16509 (Incorrect line number in function redeclaration error). (ilutov)
- Fixed bug GH-16508 (Incorrect line number in inheritance errors of delayed early bound classes). (ilutov)
- Fixed bug GH-16648 (Use-after-free during array sorting). (ilutov)
Curl:
- Fixed bug GH-16302 (CurlMultiHandle holds a reference to CurlHandle if curl_multi_add_handle fails). (timwolla)
Date:
- Fixed bug GH-16454 (Unhandled INF in date_sunset() with tiny $utcOffset). (cmb)
- Fixed bug GH-14732 (date_sun_info() fails for non-finite values). (cmb)
DBA:
- Fixed bug GH-16390 (dba_open() can segfault for "pathless" streams). (cmb)
DOM:
- Fixed bug GH-16316 (DOMXPath breaks when not initialized properly). (nielsdos)
- Add missing hierarchy checks to replaceChild. (nielsdos)
- Fixed bug GH-16336 (Attribute intern document mismanagement). (nielsdos)
- Fixed bug GH-16338 (Null-dereference in ext/dom/node.c). (nielsdos)
- Fixed bug GH-16473 (dom_import_simplexml stub is wrong). (nielsdos)
- Fixed bug GH-16533 (Segfault when adding attribute to parent that is not an element). (nielsdos)
- Fixed bug GH-16535 (UAF when using document as a child). (nielsdos)
- Fixed bug GH-16593 (Assertion failure in DOM->replaceChild). (nielsdos)
- Fixed bug GH-16595 (Another UAF in DOM -> cloneNode). (nielsdos)
EXIF:
- Fixed bug GH-16409 (Segfault in exif_thumbnail when not dealing with a real file). (nielsdos, cmb)
FFI:
- Fixed bug GH-16397 (Segmentation fault when comparing FFI object). (nielsdos)
Filter:
- Fixed bug GH-16523 (FILTER_FLAG_HOSTNAME accepts ending hyphen). (cmb)
FPM:
- Fixed bug GH-16628 (FPM logs are getting corrupted with this log statement). (nielsdos)
GD:
- Fixed bug GH-16334 (imageaffine overflow on matrix elements). (David Carlier)
- Fixed bug GH-16427 (Unchecked libavif return values). (cmb)
- Fixed bug GH-16559 (UBSan abort in ext/gd/libgd/gd_interpolation.c:1007). (nielsdos)
GMP:
- Fixed floating point exception bug with gmp_pow when using large exposant values. (David Carlier).
- Fixed bug GH-16411 (gmp_export() can cause overflow). (cmb)
- Fixed bug GH-16501 (gmp_random_bits() can cause overflow). (David Carlier)
- Fixed gmp_pow() overflow bug with large base/exponents. (David Carlier)
- Fixed segfaults and other issues related to operator overloading with GMP objects. (Girgias)
LDAP:
- Fixed bug GHSA-g665-fm4p-vhff (OOB access in ldap_escape). (CVE-2024-8932) (nielsdos)
MBstring:
- Fixed bug GH-16361 (mb_substr overflow on start/length arguments). (David Carlier)
MySQLnd:
- Fixed bug GHSA-h35g-vwh6-m678 (Leak partial content of the heap through heap buffer over-read). (CVE-2024-8929) (Jakub Zelenka)
Opcache:
- Fixed bug GH-16408 (Array to string conversion warning emitted in optimizer). (ilutov)
OpenSSL:
- Fixed bug GH-16357 (openssl may modify member types of certificate arrays). (cmb)
- Fixed bug GH-16433 (Large values for openssl_csr_sign() $days overflow). (cmb)
- Fix various memory leaks on error conditions in openssl_x509_parse(). (nielsdos)
PDO DBLIB:
- Fixed bug GHSA-5hqh-c84r-qjcv (Integer overflow in the dblib quoter causing OOB writes). (CVE-2024-11236) (nielsdos)
PDO Firebird:
- Fixed bug GHSA-5hqh-c84r-qjcv (Integer overflow in the firebird quoter causing OOB writes). (CVE-2024-11236) (nielsdos)
PDO ODBC:
- Fixed bug GH-16450 (PDO_ODBC can inject garbage into field values). (cmb)
Phar:
- Fixed bug GH-16406 (Assertion failure in ext/phar/phar.c:2808). (nielsdos)
PHPDBG:
- Fixed bug GH-16174 (Empty string is an invalid expression for ev). (cmb)
Reflection:
- Fixed bug GH-16601 (Memory leak in Reflection constructors). (nielsdos)
Session:
- Fixed bug GH-16385 (Unexpected null returned by session_set_cookie_params). (nielsdos)
- Fixed bug GH-16290 (overflow on cookie_lifetime ini value). (David Carlier)
SOAP:
- Fixed bug GH-16318 (Recursive array segfaults soap encoding). (nielsdos)
- Fixed bug GH-16429 (Segmentation fault access null pointer in SoapClient). (nielsdos)
Sockets:
- Fixed bug with overflow socket_recvfrom $length argument. (David Carlier)
SPL:
- Fixed bug GH-16337 (Use-after-free in SplHeap). (nielsdos)
- Fixed bug GH-16464 (Use-after-free in SplDoublyLinkedList::offsetSet()). (ilutov)
- Fixed bug GH-16479 (Use-after-free in SplObjectStorage::setInfo()). (ilutov)
- Fixed bug GH-16478 (Use-after-free in SplFixedArray::unset()). (ilutov)
- Fixed bug GH-16588 (UAF in Observer->serialize). (nielsdos)
- Fix GH-16477 (Segmentation fault when calling __debugInfo() after failed SplFileObject::__constructor). (Girgias)
- Fixed bug GH-16589 (UAF in SplDoublyLinked->serialize()). (nielsdos)
- Fixed bug GH-14687 (segfault on SplObjectIterator instance). (David Carlier)
- Fixed bug GH-16604 (Memory leaks in SPL constructors). (nielsdos)
- Fixed bug GH-16646 (UAF in ArrayObject::unset() and ArrayObject::exchangeArray()). (ilutov)
Standard:
- Fixed bug GH-16293 (Failed assertion when throwing in assert() callback with bail enabled). (ilutov)
Streams:
- Fixed bug GHSA-c5f2-jwm7-mmq2 (Configuring a proxy in a stream context might allow for CRLF injection in URIs). (CVE-2024-11234) (Jakub Zelenka)
- Fixed bug GHSA-r977-prxv-hc43 (Single byte overread with convert.quoted-printable-decode filter). (CVE-2024-11233) (nielsdos)
SysVMsg:
- Fixed bug GH-16592 (msg_send() crashes when a type does not properly serialized). (David Carlier / cmb)
SysVShm:
- Fixed bug GH-16591 (Assertion error in shm_put_var). (nielsdos, cmb)
XMLReader:
- Fixed bug GH-16292 (Segmentation fault in ext/xmlreader/php_xmlreader.c). (nielsdos)
Zlib:
- Fixed bug GH-16326 (Memory management is broken for bad dictionaries.) (cmb)
php-8.3.14-1.fc40
FEDORA-2024-e0d390d35b
Packages in this update:
- php-8.3.14-1.fc40
PHP version 8.3.14 (21 Nov 2024)
CLI:
- Fixed bug GH-16373 (Shebang is not skipped for router script in cli-server started through shebang). (ilutov)
- Fixed bug GHSA-4w77-75f9-2c8w (Heap-Use-After-Free in sapi_read_post_data Processing in CLI SAPI Interface). (nielsdos)
COM:
- Fixed out of bound writes to SafeArray data. (cmb)
Core:
- Fixed bug GH-16168 (php 8.1 and earlier crash immediately when compiled with Xcode 16 clang on macOS 15). (nielsdos)
- Fixed bug GH-16371 (Assertion failure in Zend/zend_weakrefs.c:646). (Arnaud)
- Fixed bug GH-16515 (Incorrect propagation of ZEND_ACC_RETURN_REFERENCE for call trampoline). (ilutov)
- Fixed bug GH-16509 (Incorrect line number in function redeclaration error). (ilutov)
- Fixed bug GH-16508 (Incorrect line number in inheritance errors of delayed early bound classes). (ilutov)
- Fixed bug GH-16648 (Use-after-free during array sorting). (ilutov)
Curl:
- Fixed bug GH-16302 (CurlMultiHandle holds a reference to CurlHandle if curl_multi_add_handle fails). (timwolla)
Date:
- Fixed bug GH-16454 (Unhandled INF in date_sunset() with tiny $utcOffset). (cmb)
- Fixed bug GH-14732 (date_sun_info() fails for non-finite values). (cmb)
DBA:
- Fixed bug GH-16390 (dba_open() can segfault for "pathless" streams). (cmb)
DOM:
- Fixed bug GH-16316 (DOMXPath breaks when not initialized properly). (nielsdos)
- Add missing hierarchy checks to replaceChild. (nielsdos)
- Fixed bug GH-16336 (Attribute intern document mismanagement). (nielsdos)
- Fixed bug GH-16338 (Null-dereference in ext/dom/node.c). (nielsdos)
- Fixed bug GH-16473 (dom_import_simplexml stub is wrong). (nielsdos)
- Fixed bug GH-16533 (Segfault when adding attribute to parent that is not an element). (nielsdos)
- Fixed bug GH-16535 (UAF when using document as a child). (nielsdos)
- Fixed bug GH-16593 (Assertion failure in DOM->replaceChild). (nielsdos)
- Fixed bug GH-16595 (Another UAF in DOM -> cloneNode). (nielsdos)
EXIF:
- Fixed bug GH-16409 (Segfault in exif_thumbnail when not dealing with a real file). (nielsdos, cmb)
FFI:
- Fixed bug GH-16397 (Segmentation fault when comparing FFI object). (nielsdos)
Filter:
- Fixed bug GH-16523 (FILTER_FLAG_HOSTNAME accepts ending hyphen). (cmb)
FPM:
- Fixed bug GH-16628 (FPM logs are getting corrupted with this log statement). (nielsdos)
GD:
- Fixed bug GH-16334 (imageaffine overflow on matrix elements). (David Carlier)
- Fixed bug GH-16427 (Unchecked libavif return values). (cmb)
- Fixed bug GH-16559 (UBSan abort in ext/gd/libgd/gd_interpolation.c:1007). (nielsdos)
GMP:
- Fixed floating point exception bug with gmp_pow when using large exposant values. (David Carlier).
- Fixed bug GH-16411 (gmp_export() can cause overflow). (cmb)
- Fixed bug GH-16501 (gmp_random_bits() can cause overflow). (David Carlier)
- Fixed gmp_pow() overflow bug with large base/exponents. (David Carlier)
- Fixed segfaults and other issues related to operator overloading with GMP objects. (Girgias)
LDAP:
- Fixed bug GHSA-g665-fm4p-vhff (OOB access in ldap_escape). (CVE-2024-8932) (nielsdos)
MBstring:
- Fixed bug GH-16361 (mb_substr overflow on start/length arguments). (David Carlier)
MySQLnd:
- Fixed bug GHSA-h35g-vwh6-m678 (Leak partial content of the heap through heap buffer over-read). (CVE-2024-8929) (Jakub Zelenka)
Opcache:
- Fixed bug GH-16408 (Array to string conversion warning emitted in optimizer). (ilutov)
OpenSSL:
- Fixed bug GH-16357 (openssl may modify member types of certificate arrays). (cmb)
- Fixed bug GH-16433 (Large values for openssl_csr_sign() $days overflow). (cmb)
- Fix various memory leaks on error conditions in openssl_x509_parse(). (nielsdos)
PDO DBLIB:
- Fixed bug GHSA-5hqh-c84r-qjcv (Integer overflow in the dblib quoter causing OOB writes). (CVE-2024-11236) (nielsdos)
PDO Firebird:
- Fixed bug GHSA-5hqh-c84r-qjcv (Integer overflow in the firebird quoter causing OOB writes). (CVE-2024-11236) (nielsdos)
PDO ODBC:
- Fixed bug GH-16450 (PDO_ODBC can inject garbage into field values). (cmb)
Phar:
- Fixed bug GH-16406 (Assertion failure in ext/phar/phar.c:2808). (nielsdos)
PHPDBG:
- Fixed bug GH-16174 (Empty string is an invalid expression for ev). (cmb)
Reflection:
- Fixed bug GH-16601 (Memory leak in Reflection constructors). (nielsdos)
Session:
- Fixed bug GH-16385 (Unexpected null returned by session_set_cookie_params). (nielsdos)
- Fixed bug GH-16290 (overflow on cookie_lifetime ini value). (David Carlier)
SOAP:
- Fixed bug GH-16318 (Recursive array segfaults soap encoding). (nielsdos)
- Fixed bug GH-16429 (Segmentation fault access null pointer in SoapClient). (nielsdos)
Sockets:
- Fixed bug with overflow socket_recvfrom $length argument. (David Carlier)
SPL:
- Fixed bug GH-16337 (Use-after-free in SplHeap). (nielsdos)
- Fixed bug GH-16464 (Use-after-free in SplDoublyLinkedList::offsetSet()). (ilutov)
- Fixed bug GH-16479 (Use-after-free in SplObjectStorage::setInfo()). (ilutov)
- Fixed bug GH-16478 (Use-after-free in SplFixedArray::unset()). (ilutov)
- Fixed bug GH-16588 (UAF in Observer->serialize). (nielsdos)
- Fix GH-16477 (Segmentation fault when calling __debugInfo() after failed SplFileObject::__constructor). (Girgias)
- Fixed bug GH-16589 (UAF in SplDoublyLinked->serialize()). (nielsdos)
- Fixed bug GH-14687 (segfault on SplObjectIterator instance). (David Carlier)
- Fixed bug GH-16604 (Memory leaks in SPL constructors). (nielsdos)
- Fixed bug GH-16646 (UAF in ArrayObject::unset() and ArrayObject::exchangeArray()). (ilutov)
Standard:
- Fixed bug GH-16293 (Failed assertion when throwing in assert() callback with bail enabled). (ilutov)
Streams:
- Fixed bug GHSA-c5f2-jwm7-mmq2 (Configuring a proxy in a stream context might allow for CRLF injection in URIs). (CVE-2024-11234) (Jakub Zelenka)
- Fixed bug GHSA-r977-prxv-hc43 (Single byte overread with convert.quoted-printable-decode filter). (CVE-2024-11233) (nielsdos)
SysVMsg:
- Fixed bug GH-16592 (msg_send() crashes when a type does not properly serialized). (David Carlier / cmb)
SysVShm:
- Fixed bug GH-16591 (Assertion error in shm_put_var). (nielsdos, cmb)
XMLReader:
- Fixed bug GH-16292 (Segmentation fault in ext/xmlreader/php_xmlreader.c). (nielsdos)
Zlib:
- Fixed bug GH-16326 (Memory management is broken for bad dictionaries.) (cmb)
python-aiohttp-3.7.4-7.el8
FEDORA-EPEL-2024-bc19d8cc99
Packages in this update:
- python-aiohttp-3.7.4-7.el8
Security fix for CVE-2024-52304
Update License field to SPDX.
Build and install the C extensions. Based on the history of security fixes in later releases, this may close some vulnerabilities and possibly open others, as both the C and Python HTTP parsing implementations have had their own distinct issues.
While this backports the fix for CVE-2024-52304, and the fix for CVE-2024-23334 was backported in a previous update, it is very likely that other unmitigated issues exist in this old release. Unfortunately, updating to a later version in EPEL8 is impractical at best.
mingw-python-waitress-2.1.2-7.fc40
FEDORA-2024-5abfdba2b7
Packages in this update:
- mingw-python-waitress-2.1.2-7.fc40
Backport fixes for CVE-2024-49768 and CVE-2024-49769.
python-aiohttp-3.9.5-2.el9
FEDORA-EPEL-2024-7ac44bd3cc
Packages in this update:
- python-aiohttp-3.9.5-2.el9
Security fix for CVE-2024-52304
python-aiohttp-3.9.5-2.fc39
FEDORA-2024-8c3c0913dc
Packages in this update:
- python-aiohttp-3.9.5-2.fc39
Security fix for CVE-2024-52304
python-aiohttp-3.9.5-2.fc40
FEDORA-2024-04ceb82dc7
Packages in this update:
- python-aiohttp-3.9.5-2.fc40
Security fix for CVE-2024-52304
python-aiohttp-3.10.5-3.fc41
FEDORA-2024-49df7093ac
Packages in this update:
- python-aiohttp-3.10.5-3.fc41
Security fix for CVE-2024-52304
libsndfile-1.2.2-5.fc41
FEDORA-2024-1318318e7a
Packages in this update:
- libsndfile-1.2.2-5.fc41
fix crash in in ogg vorbis (#2322326) (CVE-2024-50612)
libsndfile-1.2.2-5.fc42
FEDORA-2024-bb1826234a
Packages in this update:
- libsndfile-1.2.2-5.fc42
Automatic update for libsndfile-1.2.2-5.fc42.
Changelog * Mon Nov 18 2024 Michal Hlavinka <mhlavink@redhat.com> - 1.2.2-5 - fix crash in in ogg vorbis (rhbz#2322326) (CVE-2024-50612)libsndfile-1.2.2-4.fc40
FEDORA-2024-3ae3a47901
Packages in this update:
- libsndfile-1.2.2-4.fc40
- fix crash in in ogg vorbis (rhbz#2322326) (CVE-2024-50612)