Read Time:30 Second

FEDORA-2025-666aaa6a0d

Packages in this update:

libheif-1.19.5-3.fc40

Update description:

Latest upstream release. It adds support for tiles and fixes reading images generated by iOS 18+. See https://github.com/strukturag/libheif/releases for more details about the changes since 1.17.6.

NOTE: heif-convert tool was renamed to heif-dec.

How to test:

Download and unzip sample images from mastodon issue #31570. Try opening them with e.g. loupe or gimp. They fail to open with libheif-1.17.6, but should open successfully with libheif-1.19.5.

Fixes CVE-2024-41311 .

USN-7401-1: Linux kernel (AWS) vulnerabilities

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could...

April 1, 2025

USN-7392-4: Linux kernel (AWS FIPS) vulnerabilities

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could...

April 1, 2025

USN-7392-3: Linux kernel (AWS) vulnerabilities

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could...

April 1, 2025

USN-7384-2: Linux kernel (Azure) vulnerabilities

Michael Randrianantenaina discovered that the Bluetooth driver in the Linux Kernel contained an improper access control vulnerability. A nearby attacker...

April 1, 2025

USN-7379-2: Linux kernel (Raspberry Pi) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...

April 1, 2025

USN-7285-2: nginx vulnerability

USN-7285-1 fixed vulnerabilities in nginx. This update provides the corresponding updates for Ubuntu 24.04 LTS. Original advisory details: It was...

April 1, 2025

WP Ultimate CSV Importer Flaws Expose 20,000 Websites to Attacks

The AI Fix #44: AI-generated malware, and a stunning AI breakthrough

Ukraine Blames Russia for Railway Hack, Labels It “Act of Terrorism”

New Phishing Attack Combines Vishing and DLL Sideloading Techniques

Google to Switch on E2EE for All Gmail Users

Cybercriminals Expand Use of Lookalike Domains in Email Attacks

Cell Phone OPSEC for Border Crossings

Hackers exploit little-known WordPress MU-plugins feature to hide malware

Cyber Security and Resilience Bill Will Apply to 1000 UK Firms

libheif-1.19.5-3.fc40

FEDORA-2025-666aaa6a0d

Packages in this update:

Update description:

How to test:

USN-7401-1: Linux kernel (AWS) vulnerabilities

USN-7392-4: Linux kernel (AWS FIPS) vulnerabilities

USN-7392-3: Linux kernel (AWS) vulnerabilities

USN-7384-2: Linux kernel (Azure) vulnerabilities

USN-7379-2: Linux kernel (Raspberry Pi) vulnerabilities

USN-7285-2: nginx vulnerability