Aggregator

FEDORA-EPEL-2024-c20a11cabc Packages in this update:

• yasm-1.3.0^20230922git9defefa-2.el9

Update description:

Update to latest upstream commit, fixes CVE-2021-31975 and CVE-2021-33454. Internal testsuite was also enabled as part of the build.

FEDORA-2024-2b2993a69d Packages in this update:

• thunderbird-128.4.0-1.fc41

Update description:

Update to 128.4.0

• https://www.thunderbird.net/en-US/thunderbird/128.4.0esr/releasenotes/
• https://www.mozilla.org/en-US/security/advisories/mfsa2024-58/

FEDORA-2024-dede8e91b1 Packages in this update:

• opendmarc-1.4.2-21.fc42

Update description:

Automatic update for opendmarc-1.4.2-21.fc42.

Changelog * Wed Oct 30 2024 Mikel Olasagasti Uranga <mikel@olasagasti.info> - 1.4.2-21 - Fix for CVE-2024-25768 - Closes rhbz#2266175 rhbz#2266174 * Tue Oct 29 2024 Mikel Olasagasti Uranga <mikel@olasagasti.info> - 1.4.2-15 - Simplify spec - Remove checks on if systemd is present - Remove checks on old Fedora releases - Remove checks on EL7 or older - Use make macros

Version:next-20241030 (linux-next) Released:2024-10-30

Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain memory operations in the X Keyboard Extension. An attacker could use this issue to cause the X Server to crash, leading to a denial of service, or possibly execute arbitrary code.

FEDORA-2024-24fbd327e3 Packages in this update:

• firefox-132.0-2.fc41

Update description:

• New upstream update (132.0)

FEDORA-2024-dee1ef052e Packages in this update:

• firefox-132.0-2.fc40

Update description:

• New upstream update (132.0)

FEDORA-2024-cc2c07317b Packages in this update:

• xorg-x11-server-Xwayland-23.2.7-2.fc39

Update description:

CVE fix for CVE-2024-9632

FEDORA-2024-275a45a146 Packages in this update:

• xorg-x11-server-Xwayland-24.1.4-1.fc40

Update description:

xwayland 24.1.4 - CVE fix for CVE-2024-9632

FEDORA-2024-80c8f31c55 Packages in this update:

• xorg-x11-server-Xwayland-24.1.4-1.fc41

Update description:

xwayland 24.1.4 - CVE fix for CVE-2024-9632

FEDORA-2024-1ab3e0f8b5 Packages in this update:

• xorg-x11-server-1.20.14-36.fc40

Update description:

Fix for CVE-2024-9632

It was discovered that urllib3 didn't strip HTTP Proxy-Authorization header on cross-origin redirects. A remote attacker could possibly use this issue to obtain sensitive information.

USN-7064-1 fixed a vulnerability in nano. This update provides the corresponding update for Ubuntu 14.04 LTS. Original advisory details: It was discovered that nano allowed a possible privilege escalation through an insecure temporary file. If nano was killed while editing, the permissions granted to the emergency save file could be used by an attacker to escalate privileges using a malicious symlink.

Version:next-20241029 (linux-next) Released:2024-10-29

FEDORA-2024-4d24786142 Packages in this update:

• syncthing-1.28.0-1.fc40

Update description:

Update to version 1.28.0.

Release notes: https://github.com/syncthing/syncthing/releases/tag/v1.28.0

FEDORA-EPEL-2024-6caeb5a95f Packages in this update:

• syncthing-1.28.0-1.el9

Update description:

Update to version 1.28.0.

Release notes: https://github.com/syncthing/syncthing/releases/tag/v1.28.0

FEDORA-2024-aa6e72c713 Packages in this update:

• syncthing-1.28.0-1.fc41

Update description:

Update to version 1.28.0.

Release notes: https://github.com/syncthing/syncthing/releases/tag/v1.28.0

FEDORA-2024-4fc7cdc194 Packages in this update:

• syncthing-1.28.0-1.fc39

Update description:

Update to version 1.28.0.

Release notes: https://github.com/syncthing/syncthing/releases/tag/v1.28.0

FEDORA-EPEL-2024-01e6624836 Packages in this update:

• syncthing-1.28.0-1.el8

Update description:

Update to version 1.28.0.

Release notes: https://github.com/syncthing/syncthing/releases/tag/v1.28.0