Fedora Security Advisories

FEDORA-2024-e457192aa2 Packages in this update:

• lemonldap-ng-2.20.1-1.fc40

Update description:

Update to lemonldap-ng 2.20.1:

• [Security] Adaptative Authentication Rules triggered by "Refresh my rights"
• [Security] XSS in upgradeSession / forceUpgrade pages
• downloadSamlMetadata missing from packages in 2.20.0
• CDA request for id is not valid
• "This application is not known" when trying to access a federation application with empty RelayState
• SAML regression in 2.20.0
• Internal error when captcha rule isn't validated

FEDORA-2024-cdde5c873d Packages in this update:

• mingw-expat-2.6.4-1.fc40

Update description:

Update to 2.6.4.

Backport fix for CVE-2024-50602.

FEDORA-2024-fa21fd6c77 Packages in this update:

• mingw-expat-2.6.4-1.fc41

Update description:

Update to 2.6.4.

Backport fix for CVE-2024-50602.

FEDORA-2024-2462a2fc4c Packages in this update:

• expat-2.6.4-1.fc40

Update description:

Rebase to version 2.6.4

FEDORA-2024-ccc5045ab9 Packages in this update:

• expat-2.6.4-1.fc41

Update description:

Rebase to version 2.6.4

FEDORA-2024-16a71b7cf5 Packages in this update:

• php-bartlett-PHP-CompatInfo-7.1.4-3.fc41

Update description:

bartlett/php-compatinfo-db 6.12.0 - 2024-10-29

Added

• db:show command is now able to display deprecations on all components
• PHP 8.2.25 support
• PHP 8.3.13 support
• PHP 8.4.0 support (until RC3)

Changed

• update mailparse reference to version 3.1.8
• update oauth reference to version 2.0.9
• update oci8 reference to version 3.4.0
• update rdkafka reference to version 6.0.4
• update redis reference to version 6.1.0
• update uuid reference to version 1.2.1
• update xdebug reference to version 3.4.0beta1
• update yaml reference to version 2.2.4

bartlett/php-compatinfo-db 6.11.1 - 2024-10-04

Changed

• update opentelemetry reference to version 1.1.0 (stable)

Fixed

• PHAR distribution was broken (reason is issue explained into BOX Manifest 4.0.0RC1). Solved now, we use the final stable version 4.0.0

bartlett/php-compatinfo-db 6.11.0 - 2024-10-02

Added

• PHP 8.1.30 support
• PHP 8.2.24 support
• PHP 8.3.12 support
• mongodb extension support
• xpass extension support

Changed

• update apcu reference to version 5.1.24
• update msgpack reference to version 3.0.0
• update opentelemetry reference to version 1.1.0beta3
• update xlswriter reference to version 1.5.7
• update zip reference to version 1.22.4
• mongo extension is marked now as not supported (superseded by mongodb reference that is now available)

bartlett/php-compatinfo-db 6.10.0 - 2024-09-01

Added

• PHP 8.2.23 support
• PHP 8.3.11 support

Changed

• update xlswriter reference to version 1.5.6

bartlett/php-compatinfo-db 6.9.0 - 2024-08-17

Added

• PHP 8.2.22 support
• PHP 8.3.10 support

Changed

• update ast reference to version 1.1.2
• update igbinary reference to version 3.2.16

bartlett/php-compatinfo-db 6.8.0 - 2024-07-16

Added

• PHP 8.2.21 support
• PHP 8.3.9 support

Changed

• update xhprof reference to version 2.3.10

bartlett/php-compatinfo-db 6.7.0 - 2024-06-14

Added

• PHP 8.1.29 support
• PHP 8.2.20 support
• PHP 8.3.8 support

bartlett/php-compatinfo-db 6.6.0 - 2024-05-13

Added

• PHP 8.1.28 support
• PHP 8.2.19 support
• PHP 8.3.7 support

Changed

• update opentelemetry reference to version 1.0.3
• update xdebug reference to version 3.3.2

FEDORA-2024-727ecb90c7 Packages in this update:

• php-bartlett-PHP-CompatInfo-7.1.4-3.fc40

Update description:

bartlett/php-compatinfo-db 6.12.0 - 2024-10-29

Added

• db:show command is now able to display deprecations on all components
• PHP 8.2.25 support
• PHP 8.3.13 support
• PHP 8.4.0 support (until RC3)

Changed

• update mailparse reference to version 3.1.8
• update oauth reference to version 2.0.9
• update oci8 reference to version 3.4.0
• update rdkafka reference to version 6.0.4
• update redis reference to version 6.1.0
• update uuid reference to version 1.2.1
• update xdebug reference to version 3.4.0beta1
• update yaml reference to version 2.2.4

bartlett/php-compatinfo-db 6.11.1 - 2024-10-04

Changed

• update opentelemetry reference to version 1.1.0 (stable)

Fixed

• PHAR distribution was broken (reason is issue explained into BOX Manifest 4.0.0RC1). Solved now, we use the final stable version 4.0.0

bartlett/php-compatinfo-db 6.11.0 - 2024-10-02

Added

• PHP 8.1.30 support
• PHP 8.2.24 support
• PHP 8.3.12 support
• mongodb extension support
• xpass extension support

Changed

• update apcu reference to version 5.1.24
• update msgpack reference to version 3.0.0
• update opentelemetry reference to version 1.1.0beta3
• update xlswriter reference to version 1.5.7
• update zip reference to version 1.22.4
• mongo extension is marked now as not supported (superseded by mongodb reference that is now available)

bartlett/php-compatinfo-db 6.10.0 - 2024-09-01

Added

• PHP 8.2.23 support
• PHP 8.3.11 support

Changed

• update xlswriter reference to version 1.5.6

bartlett/php-compatinfo-db 6.9.0 - 2024-08-17

Added

• PHP 8.2.22 support
• PHP 8.3.10 support

Changed

• update ast reference to version 1.1.2
• update igbinary reference to version 3.2.16

bartlett/php-compatinfo-db 6.8.0 - 2024-07-16

Added

• PHP 8.2.21 support
• PHP 8.3.9 support

Changed

• update xhprof reference to version 2.3.10

bartlett/php-compatinfo-db 6.7.0 - 2024-06-14

Added

• PHP 8.1.29 support
• PHP 8.2.20 support
• PHP 8.3.8 support

bartlett/php-compatinfo-db 6.6.0 - 2024-05-13

Added

• PHP 8.1.28 support
• PHP 8.2.19 support
• PHP 8.3.7 support

Changed

• update opentelemetry reference to version 1.0.3
• update xdebug reference to version 3.3.2

FEDORA-2024-e7bb8bc2da Packages in this update:

• php-bartlett-PHP-CompatInfo-7.1.4-3.fc39

Update description:

bartlett/php-compatinfo-db 6.12.0 - 2024-10-29

Added

• db:show command is now able to display deprecations on all components
• PHP 8.2.25 support
• PHP 8.3.13 support
• PHP 8.4.0 support (until RC3)

Changed

• update mailparse reference to version 3.1.8
• update oauth reference to version 2.0.9
• update oci8 reference to version 3.4.0
• update rdkafka reference to version 6.0.4
• update redis reference to version 6.1.0
• update uuid reference to version 1.2.1
• update xdebug reference to version 3.4.0beta1
• update yaml reference to version 2.2.4

bartlett/php-compatinfo-db 6.11.1 - 2024-10-04

Changed

• update opentelemetry reference to version 1.1.0 (stable)

Fixed

• PHAR distribution was broken (reason is issue explained into BOX Manifest 4.0.0RC1). Solved now, we use the final stable version 4.0.0

bartlett/php-compatinfo-db 6.11.0 - 2024-10-02

Added

• PHP 8.1.30 support
• PHP 8.2.24 support
• PHP 8.3.12 support
• mongodb extension support
• xpass extension support

Changed

• update apcu reference to version 5.1.24
• update msgpack reference to version 3.0.0
• update opentelemetry reference to version 1.1.0beta3
• update xlswriter reference to version 1.5.7
• update zip reference to version 1.22.4
• mongo extension is marked now as not supported (superseded by mongodb reference that is now available)

bartlett/php-compatinfo-db 6.10.0 - 2024-09-01

Added

• PHP 8.2.23 support
• PHP 8.3.11 support

Changed

• update xlswriter reference to version 1.5.6

bartlett/php-compatinfo-db 6.9.0 - 2024-08-17

Added

• PHP 8.2.22 support
• PHP 8.3.10 support

Changed

• update ast reference to version 1.1.2
• update igbinary reference to version 3.2.16

bartlett/php-compatinfo-db 6.8.0 - 2024-07-16

Added

• PHP 8.2.21 support
• PHP 8.3.9 support

Changed

• update xhprof reference to version 2.3.10

bartlett/php-compatinfo-db 6.7.0 - 2024-06-14

Added

• PHP 8.1.29 support
• PHP 8.2.20 support
• PHP 8.3.8 support

bartlett/php-compatinfo-db 6.6.0 - 2024-05-13

Added

• PHP 8.1.28 support
• PHP 8.2.19 support
• PHP 8.3.7 support

Changed

• update opentelemetry reference to version 1.0.3
• update xdebug reference to version 3.3.2

FEDORA-2024-157678aad0 Packages in this update:

• python-waitress-3.0.1-1.fc41

Update description:

Update to version 3.0.1, which resolves CVE-2024-49768 and CVE-2024-49769.

FEDORA-2024-58de5ad94f Packages in this update:

• webkit2gtk4.0-2.46.3-1.fc41

Update description:

Update to 2.46.3

FEDORA-2024-8f88cdf4e5 Packages in this update:

• webkit2gtk4.0-2.46.3-1.fc40

Update description:

Update to 2.46.3

FEDORA-2024-c8cc025262 Packages in this update:

• python3.6-3.6.15-38.fc40

Update description:

Security fix for CVE-2024-9287 (rhbz#2321659)

FEDORA-2024-126c4f06a8 Packages in this update:

• python3.6-3.6.15-38.fc41

Update description:

Security fix for CVE-2024-9287 (rhbz#2321659)

FEDORA-2024-0bebaff45f Packages in this update:

• python3.6-3.6.15-38.fc42

Update description:

Automatic update for python3.6-3.6.15-38.fc42.

Changelog * Mon Nov 4 2024 Lumír Balhar <lbalhar@redhat.com> - 3.6.15-38 - Security fix for CVE-2024-9287 (rhbz#2321659)

FEDORA-2024-950b4465ed Packages in this update:

• mingw-expat-2.6.3-2.fc40

Update description:

Backport fix for CVE-2024-50602.

FEDORA-2024-25166655a5 Packages in this update:

• mingw-expat-2.6.3-2.fc41

Update description:

Backport fix for CVE-2024-50602.

FEDORA-2024-7427eaacd8 Packages in this update:

• mingw-expat-2.6.3-2.fc39

Update description:

Backport fix for CVE-2024-50602.

FEDORA-2024-89c69bb9d3 Packages in this update:

• llama-cpp-b3561-1.fc41

Update description:

Update to b3561

FEDORA-2024-8c218846ee Packages in this update:

• golang-github-nvidia-container-toolkit-1.16.2-1.fc40

Update description:

• Update to 1.16.2

• Fixes CVE-2024-0132 or GHSA-mjjw-553x-87pq, and CVE-2024-0133 or GHSA-f748-7hpg-88ch

FEDORA-2024-cd6112750e Packages in this update:

• golang-github-nvidia-container-toolkit-1.16.2-1.fc41

Update description:

• Update to 1.16.2

• Fixes CVE-2024-0132 or GHSA-mjjw-553x-87pq, and CVE-2024-0133 or GHSA-f748-7hpg-88ch