Read Time:30 Second

FEDORA-2025-666aaa6a0d

Packages in this update:

libheif-1.19.5-3.fc40

Update description:

Latest upstream release. It adds support for tiles and fixes reading images generated by iOS 18+. See https://github.com/strukturag/libheif/releases for more details about the changes since 1.17.6.

NOTE: heif-convert tool was renamed to heif-dec.

How to test:

Download and unzip sample images from mastodon issue #31570. Try opening them with e.g. loupe or gimp. They fail to open with libheif-1.17.6, but should open successfully with libheif-1.19.5.

Fixes CVE-2024-41311 .

USN-7363-1: PAM-PKCS#11 vulnerabilities

Marcus Rückert and Matthias Gerstner discovered that PAM-PKCS#11 did not properly handle certain return codes when authentication was not possible....

March 20, 2025

A Vulnerability in AMI MegaRAC Software Could Allow for Remote Code Execution

A vulnerability has been discovered in AMI MegaRAC Software, which could allow for remote code execution. MegaRAC is a product...

March 20, 2025

APPLE-SA-03-11-2025-4 visionOS 2.3.2

Posted by Apple Product Security via Fulldisclosure on Mar 20 APPLE-SA-03-11-2025-4 visionOS 2.3.2 visionOS 2.3.2 addresses the following issues. Information...

March 20, 2025

APPLE-SA-03-11-2025-3 macOS Sequoia 15.3.2

Posted by Apple Product Security via Fulldisclosure on Mar 20 APPLE-SA-03-11-2025-3 macOS Sequoia 15.3.2 macOS Sequoia 15.3.2 addresses the following...

March 20, 2025

APPLE-SA-03-11-2025-2 iOS 18.3.2 and iPadOS 18.3.2

Posted by Apple Product Security via Fulldisclosure on Mar 20 APPLE-SA-03-11-2025-2 iOS 18.3.2 and iPadOS 18.3.2 iOS 18.3.2 and iPadOS...

March 20, 2025

APPLE-SA-03-11-2025-1 Safari 18.3.1

Posted by Apple Product Security via Fulldisclosure on Mar 20 APPLE-SA-03-11-2025-1 Safari 18.3.1 Safari 18.3.1 addresses the following issues. Information...

March 20, 2025

BlackLock ransomware: What you need to know

FishMonger APT Group Linked to I-SOON in Espionage Campaigns

Critical GitHub Attack

Rooted Devices 250 Times More Vulnerable to Compromise

Smashing Security podcast #409: Peeping perverts and FBI phone calls

UK CNI Security Leaders Express Confidence in Cybersecurity, Despite 95% Breach Rate

UK Police Arrest 422 in Major Fraud Crackdown

Over Half a Million Hit by Pennsylvania Schools Union Breach

Supply-chain CAPTCHA attack hits over 100 car dealerships

libheif-1.19.5-3.fc40

FEDORA-2025-666aaa6a0d

Packages in this update:

Update description:

How to test:

USN-7363-1: PAM-PKCS#11 vulnerabilities

A Vulnerability in AMI MegaRAC Software Could Allow for Remote Code Execution

APPLE-SA-03-11-2025-4 visionOS 2.3.2

APPLE-SA-03-11-2025-3 macOS Sequoia 15.3.2

APPLE-SA-03-11-2025-2 iOS 18.3.2 and iPadOS 18.3.2

APPLE-SA-03-11-2025-1 Safari 18.3.1