Aggregator

Marius Berntsberg, Trygve Vea, Tore Anderson, Rodolfo Alonso, Jay Faulkner, and Brian Haley discovered that OVN incorrectly handled certain crafted UDP packets. A remote attacker could possibly use this issue to bypass egress ACL rules.

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

USN-7376-1 fixed vulnerabilities in MariaDB. This update provides the corresponding updates for Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. Original advisory details: A security issue was discovered in MariaDB and this update includes a new upstream MariaDB version to fix the issue. In addition to security fixes, the updated packages contain bug and regression fixes, new features, and possibly incompatible changes.

Version:next-20250331 (linux-next) Released:2025-03-31

Jonathan Clem and Justin Bull discovered that Doorkeeper could allow arbitrary token revocation and replay attacks. An attacker could possibly use this issue to gain unauthorized access to a system. (CVE-2016-6582) It was discovered that Doorkeeper incorrectly handled storing client names. An attacker could possibly use this issue to execute a cross-site scripting (XSS) attack. (CVE-2018-1000088)

FEDORA-2025-76dbde76fe Packages in this update:

• perl-Data-Entropy-0.008-1.fc42

Update description:

Prior to version 0.008, the Perl module Data::Entropy relied on Perl's builtin rand function to choose an entropy source. Version 0.008 does away with this need.

FEDORA-EPEL-2025-ed542e7452 Packages in this update:

• perl-Data-Entropy-0.008-1.el8

Update description:

Prior to version 0.008, the Perl module Data::Entropy relied on Perl's builtin rand function to choose an entropy source. Version 0.008 does away with this need.

FEDORA-2025-52d7857536 Packages in this update:

• perl-Data-Entropy-0.008-1.fc40

Update description:

Prior to version 0.008, the Perl module Data::Entropy relied on Perl's builtin rand function to choose an entropy source. Version 0.008 does away with this need.

FEDORA-EPEL-2025-3ea9a27f9b Packages in this update:

• perl-Data-Entropy-0.008-1.el9

Update description:

Prior to version 0.008, the Perl module Data::Entropy relied on Perl's builtin rand function to choose an entropy source. Version 0.008 does away with this need.

FEDORA-2025-8a7bd987fe Packages in this update:

• perl-Data-Entropy-0.008-1.fc41

Update description:

Prior to version 0.008, the Perl module Data::Entropy relied on Perl's builtin rand function to choose an entropy source. Version 0.008 does away with this need.

FEDORA-2025-f87fe38331 Packages in this update:

• containernetworking-plugins-1.5.1-2.fc40

Update description:

Resolve FTBFS and rhbz#2351926

FEDORA-2025-cef83410f7 Packages in this update:

• matrix-synapse-1.111.1-4.fc40

Update description:

Backport fixes from v1.127.1

FEDORA-2025-cddcfd6518 Packages in this update:

• matrix-synapse-1.118.0-4.fc41

Update description:

Backport fixes from v1.127.1

FEDORA-2025-63751ef564 Packages in this update:

• matrix-synapse-1.127.1-1.fc42

Update description:

Update to v1.127.1 (CVE-2025-30355)

FEDORA-2025-37c6639afe Packages in this update:

• cri-tools1.29-1.29.0-11.fc41

Update description:

• Resolve FTBFS
• Resolves: rhbz#2352149
• Adopt trivy for license detection to be consistent with cri- tools[1.29..1.32]

FEDORA-2025-adae8279e3 Packages in this update:

• cri-tools1.29-1.29.0-11.fc42

Update description:

• Resolve FTBFS
• Resolves: rhbz#2352149
• Adopt trivy for license detection to be consistent with cri- tools[1.29..1.32]

FEDORA-2025-5dbc7adb84 Packages in this update:

• cri-tools1.29-1.29.0-11.fc43

Update description:

Automatic update for cri-tools1.29-1.29.0-11.fc43.

Changelog * Sat Mar 29 2025 Bradley G Smith <bradley.g.smith@gmail.com> - 1.29.0-11 - Resolve FTBFS - Resolves: rhbz#2352149 - Adopt trivy for license detection to be consistent with cri- tools[1.29..1.32]

FEDORA-EPEL-2025-7f793012aa Packages in this update:

• yarnpkg-1.22.22-7.el8

Update description:

Sync with rawhide.

FEDORA-2025-90f88da466 Packages in this update:

• crosswords-puzzle-sets-xword-dl-0.4.8-1.fc41

Update description:

Update to 0.4.8; Fixes: RHBZ#2237964, RHBZ#2282129

FEDORA-2025-2f7c693519 Packages in this update:

• crosswords-puzzle-sets-xword-dl-0.4.8-1.fc42

Update description:

Update to 0.4.8; Fixes: RHBZ#2237964, RHBZ#2282129