It was discovered that PatchELF was not properly performing bounds
checks, which could lead to an out-of-bounds read via a specially
crafted file. An attacker could possibly use this issue to cause a
denial of service or to expose sensitive information. (CVE-2022-44940)
Daily Archives: April 20, 2023
CVE-2021-36436
An issue in Mobicint Backend for Credit Unions v3 allows attackers to retrieve partial email addresses and user entered information via submission to the forgotten-password endpoint.
webkit2gtk3-2.40.1-1.fc36
FEDORA-2023-8900b35c6f
Packages in this update:
webkit2gtk3-2.40.1-1.fc36
Update description:
The Bubblewrap sandbox no longer requires setting an application identifier via GApplication to operate correctly. Using GApplication is still recommended, but optional.
Adjust the scrolling speed for mouse wheels to make it feel more natural.
Allow pasting content using the Asynchronous Clipboard API when the origin is the same as the clipboard contents.
Improvements to the GStreamer multimedia playback, in particular around MSE, WebRTC, and seeking.
Make all supported image types appear in the Accept HTTP header.
Fix text caret blinking when blinking is disabled in the GTK settings.
Fix default database quota size definition.
Fix application of all caps tags listed in the font-feature-settings CSS property.
Fix font height calculations for the font-size-adjust CSS property.
Fix several crashes and rendering issues.
Security fixes: CVE-2022-0108, CVE-2022-32885, CVE-2023-25358, CVE-2023-27932, CVE-2023-27954, CVE-2023-28205
rust-askama-0.11.1-4.fc36 rust-askama_shared-0.12.2-4.fc36 rust-comrak-0.18.0-1.fc36
FEDORA-2023-b37722768e
Packages in this update:
rust-askama-0.11.1-4.fc36
rust-askama_shared-0.12.2-4.fc36
rust-comrak-0.18.0-1.fc36
Update description:
Update comrak to version 0.18.0.
Disable the unused markdown support in askama and askama_shared crates, which depends on an ancient version of comrak.
This update also includes fixes for two medium-severity security issues in comrak (CVE-2023-28631 and CVE-2023-28626).
rust-askama-0.11.1-4.fc37 rust-askama_shared-0.12.2-4.fc37 rust-comrak-0.18.0-1.fc37
FEDORA-2023-e9243281cb
Packages in this update:
rust-askama-0.11.1-4.fc37
rust-askama_shared-0.12.2-4.fc37
rust-comrak-0.18.0-1.fc37
Update description:
Update comrak to version 0.18.0.
Disable the unused markdown support in askama and askama_shared crates, which depends on an ancient version of comrak.
This update also includes fixes for two medium-severity security issues in comrak (CVE-2023-28631 and CVE-2023-28626).
rust-askama-0.11.1-4.fc38 rust-askama_shared-0.12.2-4.fc38 rust-comrak-0.18.0-1.fc38
FEDORA-2023-035d5910b9
Packages in this update:
rust-askama-0.11.1-4.fc38
rust-askama_shared-0.12.2-4.fc38
rust-comrak-0.18.0-1.fc38
Update description:
Update comrak to version 0.18.0.
Disable the unused markdown support in askama and askama_shared crates, which depends on an ancient version of comrak.
This update also includes fixes for two medium-severity security issues in comrak (CVE-2023-28631 and CVE-2023-28626).
rust-askama-0.11.1-4.fc39 rust-askama_shared-0.12.2-4.fc39 rust-comrak-0.18.0-1.fc39
FEDORA-2023-aa46db07fd
Packages in this update:
rust-askama-0.11.1-4.fc39
rust-askama_shared-0.12.2-4.fc39
rust-comrak-0.18.0-1.fc39
Update description:
Update comrak to version 0.18.0.
Disable the unused markdown support in askama and askama_shared crates, which depends on an ancient version of comrak.
This update also includes fixes for two medium-severity security issues in comrak (CVE-2023-28631 and CVE-2023-28626).
North Korean Hacker Suspected in 3CX Software Supply Chain Attack
Mandiant said this would be the first instance of a software supply chain attack leading to another.
Daggerfly APT Targets African Telecoms Firm With New MgBot Malware
Symantec described the findings today, saying the ongoing campaign likely started in November 2022.
USN-6035-1: KAuth vulnerability
It was discovered that KAuth incorrectly handled some configuration parameters
with specially crafted arbitrary types. An attacker could possibly use this
issue to cause a denial of service, or possibly execute arbitrary code.