Read Time:30 Second

FEDORA-2025-8fdb7be3cb

Packages in this update:

libheif-1.19.5-3.fc41

Update description:

Latest upstream release. It adds support for tiles and fixes reading images generated by iOS 18+. See https://github.com/strukturag/libheif/releases for more details about the changes since 1.17.6.

NOTE: heif-convert tool was renamed to heif-dec.

How to test:

Download and unzip sample images from mastodon issue #31570. Try opening them with e.g. loupe or gimp. They fail to open with libheif-1.17.6, but should open successfully with libheif-1.19.5.

Fixes CVE-2024-41311 .

USN-7400-1: PHP vulnerabilities

It was discovered that PHP incorrectly handle certain inputs. An attacker could possibly use this issue to cause a crash...

March 31, 2025

USN-7399-1: RabbitMQ Server vulnerability

It was discovered that RabbitMQ Server's management UI did not sanitize certain input. An attacker could possibly use this issue...

March 31, 2025

USN-7398-1: libtar vulnerabilities

It was discovered that libtar may perform out-of-bounds reads when processing specially crafted tar files. An attacker could possibly use...

March 31, 2025

USN-7397-1: AOM vulnerability

Xiantong Hou discovered that AOM did not properly handle certain malformed media files. If an application using AOM opened a...

March 31, 2025

USN-7396-1: OVN vulnerability

Marius Berntsberg, Trygve Vea, Tore Anderson, Rodolfo Alonso, Jay Faulkner, and Brian Haley discovered that OVN incorrectly handled certain crafted...

March 31, 2025

USN-7395-1: WebKitGTK vulnerabilities

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a...

March 31, 2025

New Malware Variant RESURGE Exploits Ivanti Vulnerability

ClickFake Interview Campaign by Lazarus Targets Crypto Job Seekers

The Signal Chat Leak and the NSA

EU Commission to Invest €1.3bn in Cybersecurity and AI

NCSC Urges Users to Patch Next.js Flaw Immediately

US Seizes $8.2m from Romance Baiting Scammers

How Each Pillar of the 1st Amendment is Under Attack

£3 million fine for healthcare MSP with sloppy security after it was hit by ransomware attack

Friday Squid Blogging: Squid Werewolf Hacking Group

libheif-1.19.5-3.fc41

FEDORA-2025-8fdb7be3cb

Packages in this update:

Update description:

How to test:

USN-7400-1: PHP vulnerabilities

USN-7399-1: RabbitMQ Server vulnerability

USN-7398-1: libtar vulnerabilities

USN-7397-1: AOM vulnerability

USN-7396-1: OVN vulnerability

USN-7395-1: WebKitGTK vulnerabilities